ck92 Posted November 8, 2012 ID:610678 Share Posted November 8, 2012 Hi, I think this is the right place to post my log. My log is below but maybe some of the following info is important. Basically I used a website to edit a pdf document and I downloaded the file. After I downloaded the file my laptop started acting up and freezing a lot. I don't know if it was the direct cause but my laptop was working fine before then. Doing a virus scan I deleted two trojans but no other virus is showing up. I have AVG. My laptop is really slow, the start button often freezes and just everything is freezing. I am currently using my laptop in safe mode with networking and things are fine - no freezing. I hope one of you can help me. Thanks. Logfile of Trend Micro HijackThis v2.0.4Scan saved at 12:40:59, on 08/11/2012Platform: Windows 7 (WinNT 6.00.3504)MSIE: Internet Explorer v9.00 (9.00.8112.16450)Boot mode: Safe mode with network supportRunning processes:F:\HijackThis.exeC:\Windows\SysWOW64\DllHost.exeR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (file missing)F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllO2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLLO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (file missing)O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dllO2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllO3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLLO3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dllO4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeO4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumeO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exeO4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [ReminderApp] C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLYO4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12O4 - HKCU\..\Run: [Google Update] "C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeO8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLLO9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabO16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cabO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/tr/uno1/GAME_UNO1.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exeO23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exeO23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeO23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exeO23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeO23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeO23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeO23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeO23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwssvc.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exeO23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exeO23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)--End of file - 13989 bytes Link to post Share on other sites More sharing options...
Maniac Posted November 8, 2012 ID:610686 Share Posted November 8, 2012 Hello ck92 and ! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.Please perform the following actions in Normal mode instead of Safe mode:http://forums.malwarebytes.org/index.php?showtopic=9573 Link to post Share on other sites More sharing options...
ck92 Posted November 8, 2012 Author ID:610798 Share Posted November 8, 2012 Thanks Maniac for your help.I downloaded malwarebytes anti malware programme. However as my laptop is really slow and keeps freezing in normal mode it did not go very well. The scan was running for nearly 3 and half hours and it said 176 infections had been found! I did not get to finish the scan because my laptop just turned itself off. Then I tried again doing a quick scan but I forgot to keep the battery plugged in and after 1 hour my laptop shut down because of low battery! I have had enough of it today so I am going to try again tommorow but I don't know if I will be able to complete it - is there anyway of helping the programme run without my laptop freezing?Plus I wonder if my hijack this logs are of any use to you? Link to post Share on other sites More sharing options...
ck92 Posted November 8, 2012 Author ID:610804 Share Posted November 8, 2012 By the way I scanned also in safe mode just now it was really quick but I know I will have to do it in normal mode too which I plan tomorrow. 240 infections were found in safe mode I don't know if I should delete these things. Here is the log..it is really long sorry.Malwarebytes Anti-Malware (Trial) 1.65.1.1000www.malwarebytes.orgDatabase version: v2012.11.08.03Windows 7 x64 NTFS (Safe Mode/Networking)Internet Explorer 9.0.8112.16421Protection: Disabled08/11/2012 19:03:33mbam-log-2012-11-08 (19-40-51).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 214613Time elapsed: 36 minute(s), 36 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 143HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> No action taken.HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken.HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> No action taken.HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (PUP.MyWebSearch) -> No action taken.HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (PUP.MyWebSearch) -> No action taken.HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (PUP.MyWebSearch) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.Registry Values Detected: 8HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> No action taken.HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»äG\Ê -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> No action taken.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 17C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.Files Detected: 79C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3FFTBPR.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.C:\Users\Charlene\Downloads\MyFunCards.exe (PUP.FunWebProducts) -> No action taken.C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> No action taken.C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\c3IMStub.Dll (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3IMSTUB.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\INSTALL.RDF (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3PATCH.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3TPINST.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3UNPAT.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSMLBTN.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSUABTN.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (Trojan.BHO) -> No action taken.(end) Link to post Share on other sites More sharing options...
Maniac Posted November 8, 2012 ID:610893 Share Posted November 8, 2012 Don't remove them, just proceed with DDS. Link to post Share on other sites More sharing options...
ck92 Posted November 9, 2012 Author ID:611230 Share Posted November 9, 2012 DDS won't work for me. I was able to download it but the green line has not progressed further for the past 2 hours and it worked after like 5 mins in safe mode. I don't know if the results are of any use to you from safe mode though if they are I will paste them. Other than that I don't know what to do because my laptop is so slow and just freezes all the time in normal mode. Is there nothing else I can do? Link to post Share on other sites More sharing options...
ck92 Posted November 9, 2012 Author ID:611241 Share Posted November 9, 2012 Ok it just finally stopped now here are the dds things...UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-07.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 26/12/2010 14:25:06System Uptime: 09/11/2012 21:01:37 (1 hours ago).Motherboard: Hewlett-Packard | | 1439Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 929/1066mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 449 GiB total, 383.348 GiB free.D: is FIXED (NTFS) - 16 GiB total, 2.09 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Deskjet F4500 seriesDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Deskjet F4500 seriesPNP Device ID: ROOT\MULTIFUNCTION\0000Service: .Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Description: Deskjet F4500 seriesDevice ID: ROOT\IMAGE\0000Manufacturer: HPName: Deskjet F4500 seriesPNP Device ID: ROOT\IMAGE\0000Service: StillCam.==== System Restore Points ===================.No restore point in system..==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)64 Bit HP CIO Components InstallerAcrobat.comAdobe AIRAdobe Flash Player 10 ActiveXAdobe Reader 9.4.5 MUIAdobe Shockwave Player 11.5Adobe Shockwave Player 11.6Agatha Christie - Death on the NileApple Application SupportApple Software UpdateAVG 2013AVG Security ToolbarBejeweled 2 DeluxeBing BarBlackhawk Striker 2Broadcom 802.11 Wireless LAN AdapterBufferChmBykiByki ExpressChuzzle DeluxeCole2k Media - Codec Pack (Standard)CopyCyberLink DVD SuiteCyberLink PowerDVD 9CyberLink YouCamD3DX10DestinationsDeviceDiscoveryDivX SetupDJ_AIO_06_F4500_SW_MINDora's Carnival AdventureEnergy Star Digital LogoEscape Rosecliff IslandESU for Microsoft Windows 7F4500FATEFinal Drive NitroGoogle ChromeGoogle EarthGoogle Update HelperGPBaseService2Hewlett-Packard ACLM.NET v1.1.2.0HP AdvisorHP Customer Experience EnhancementsHP Customer Participation Program 13.0HP Deskjet F4500 Printer Driver Software 13.0 Rel .6HP DocumentationHP Game ConsoleHP GamesHP Imaging Device Functions 13.0HP Photo CreationsHP Power ManagerHP Print Projects 1.0HP Quick LaunchHP SetupHP Smart Web Printing 4.5HP Software FrameworkHP Solution Center 13.0HP Support AssistantHP UpdateHP Wireless AssistantHPPhotoGadgethpPrintProjectsHPProductAssistantHPSSupplyhpWLPGInstallerIntel® Control CenterIntel® Graphics Media Accelerator DriverIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyJava 7 Update 7Java Auto UpdaterJava 6 Update 20 (64-bit)Jewel Quest - HeritageJunk Mail filter updateLabelPrintLightScribe System SoftwareMagic DesktopMalwarebytes Anti-Malware version 1.65.1.1000MarketResearchMessenger Plus! 5Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Default ManagerMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office 2010Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Click-to-Run 2010Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Starter 2010 - EnglishMicrosoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)My Web SearchNetwork64Penguins!PhotoNow!Picasa 3Plants vs. ZombiesPoker Superstars IIIPolar BowlerPolar GolferPower2GoPowerDirectorQuickTimeRealNetworks - Microsoft Visual C++ 2008 RuntimeRealPlayerRealtek Ethernet Controller Driver For Windows 7Realtek High Definition Audio DriverRealtek USB 2.0 Card ReaderRealUpgrade 1.1Recovery ManagerRiyad us Saliheen - Gardens of the RighteousRtVOsdScanScrapbook Factory Deluxe 4.0Security Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Shop for HP SuppliesSkype™ 5.10SmartWebPrintingSolutionCenterStatusswMSMSynaptics Pointing Device DriverToolboxTrayAppUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VC80CRTRedist - 8.0.50727.6195Virtual Villagers - The Secret CityVisual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesWebRegWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox PluginWinRAR archiverZuma Deluxe.==== Event Viewer Messages From Past Week ========.09/11/2012 21:41:20, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.09/11/2012 21:41:20, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 21:41:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}09/11/2012 21:38:49, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.09/11/2012 21:35:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.09/11/2012 21:13:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.09/11/2012 21:13:21, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.09/11/2012 21:12:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.09/11/2012 21:12:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.09/11/2012 21:11:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.09/11/2012 21:11:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.09/11/2012 21:10:58, Error: Service Control Manager [7022] - The Windows Update service hung on starting.09/11/2012 21:04:50, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.09/11/2012 21:04:50, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 21:02:26, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.09/11/2012 21:00:28, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.09/11/2012 20:59:58, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.09/11/2012 20:29:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.09/11/2012 20:29:27, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 20:27:29, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.09/11/2012 20:27:29, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 20:26:42, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RtVOsdService Installer service to connect.09/11/2012 20:26:42, Error: Service Control Manager [7000] - The RtVOsdService Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 20:26:10, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.09/11/2012 20:26:10, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 20:25:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.09/11/2012 20:25:37, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 20:22:47, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.09/11/2012 20:22:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.09/11/2012 20:15:42, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 09/11/2012 20:15:42, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}09/11/2012 20:15:41, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.09/11/2012 20:06:06, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.09/11/2012 20:06:05, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.09/11/2012 20:06:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}09/11/2012 20:06:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}09/11/2012 20:05:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}09/11/2012 20:05:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}09/11/2012 20:05:41, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 2109/11/2012 20:05:27, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache MpFilter spldr Wanarpv609/11/2012 20:05:22, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.09/11/2012 20:05:22, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.09/11/2012 19:59:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.09/11/2012 19:58:01, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.09/11/2012 19:58:01, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 19:48:53, Error: bowser [8003] - The master browser has received a server announcement from the computer HP-BILGISAYAR that believes that it is the master browser for the domain on transport NetBT_Tcpip_{310843A3-255C-4E42-AF22-CA19A1ABB0E8}. The master browser is stopping or an election is being forced.09/11/2012 19:48:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.09/11/2012 19:48:11, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.09/11/2012 19:48:11, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.08/11/2012 19:40:15, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.08/11/2012 19:03:21, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 08/11/2012 18:50:30, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.08/11/2012 18:34:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.08/11/2012 18:05:23, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.08/11/2012 17:51:34, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.08/11/2012 17:48:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.08/11/2012 17:47:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.08/11/2012 17:45:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.08/11/2012 17:43:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.08/11/2012 17:17:38, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.08/11/2012 14:43:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.139.1429.0).08/11/2012 14:41:41, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1623.0).08/11/2012 14:41:23, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070643 Error description: Fatal error during installation. 08/11/2012 14:28:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.08/11/2012 14:28:06, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.08/11/2012 12:48:28, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 07/11/2012 21:25:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SkypeUpdate with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58}07/11/2012 20:57:32, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.07/11/2012 13:54:30, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.07/11/2012 13:53:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}07/11/2012 13:53:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}07/11/2012 13:53:08, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgfwfd AVGIDSDriver Avgldx64 Avgtdia DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf07/11/2012 13:53:07, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.07/11/2012 13:53:07, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.07/11/2012 13:38:57, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.07/11/2012 13:38:57, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.07/11/2012 08:22:38, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 06/11/2012 21:08:53, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 06/11/2012 18:53:03, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 06/11/2012 18:40:42, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023544.06/11/2012 18:40:42, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070548.06/11/2012 18:40:28, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.04/11/2012 23:07:38, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 04/11/2012 12:58:42, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 03/11/2012 13:41:39, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 03/11/2012 12:24:18, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode 02/11/2012 22:31:18, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode .==== End Of File ===========================DDS (Ver_2012-11-07.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2Run by Charlene at 21:27:04 on 2012-11-09.============== Running Processes ===============.C:\PROGRA~2\AVG\AVG2013\avgrsa.exeC:\Program Files (x86)\AVG\AVG2013\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Realtek\Audio\HDA\AERTSr64.exeC:\Program Files (x86)\AVG\AVG2013\avgfws.exeC:\Program Files (x86)\AVG\AVG2013\avgidsagent.exeC:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exeC:\Windows\SysWOW64\ezSharedSvcHost.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\PROGRA~2\MYWEBS~1\bar\2.bin\mwssvc.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Program Files (x86)\AVG\AVG2013\avgnsa.exeC:\Program Files (x86)\AVG\AVG2013\avgemca.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Windows\system32\taskhost.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEC:\Program Files (x86)\AVG\AVG2013\avgcsrva.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exeC:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\AVG\AVG2013\avgui.exeC:\Program Files (x86)\AVG Secure Search\vprot.exeC:\Windows\system32\SearchIndexer.exeC:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exec:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\system32\svchost.exe -k HPServiceC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exeC:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Realtek\RtVOsd\RtVOsdService.exeC:\Program Files\Realtek\RtVOsd\RtVOsd.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Windows\system32\RunDll32.exeC:\Windows\system32\SearchProtocolHost.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\cscript.exeC:\Windows\system32\wermgr.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} - mWinlogon: Userinit = userinit.exeBHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLLBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLLTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLLTB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [Google Update] "C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exemRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exemRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLYmRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: EnableShellExecuteHooks = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: HideFastUserSwitching = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllDPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabDPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cabDPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/tr/uno1/GAME_UNO1.cabDPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabTCP: NameServer = 192.168.2.1TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8}\8456C696870283 : DHCPNameServer = 192.168.8.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dllSEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllmASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sx64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hiddenx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R? BBSvc;Bing Bar Update ServiceR? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64R? netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 BitR? RSUSBSTOR;RtsUStor.Sys Realtek USB Card ReaderR? RTL8167;Realtek 8167 NT DriverR? SkypeUpdate;Skype UpdaterR? SrvHsfHDA;SrvHsfHDAR? SrvHsfV92;SrvHsfV92R? SrvHsfWinac;SrvHsfWinacR? WatAdminSvc;Windows Activation Technologies ServiceR? yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet ControllerS? AERTFilters;Andrea RT Filters ServiceS? Avgfwfd;AVG network filter serviceS? avgfws;AVG FirewallS? AVGIDSAgent;AVGIDSAgentS? AVGIDSDriver;AVGIDSDriverS? AVGIDSHA;AVGIDSHAS? Avgldx64;AVG AVI Loader DriverS? Avgloga;AVG Logging DriverS? Avgmfx64;AVG Mini-Filter Resident Anti-Virus ShieldS? Avgrkx64;AVG Anti-Rootkit DriverS? Avgtdia;AVG TDI DriverS? avgtp;avgtpS? avgwd;AVG WatchDogS? cvhsvc;Client Virtualization HandlerS? ezSharedSvc;Easybits Services for WindowsS? HECIx64;Intel® Management Engine InterfaceS? HP Support Assistant Service;HP Support Assistant ServiceS? HP Wireless Assistant Service;HP Wireless Assistant ServiceS? HPDrvMntSvc.exe;HP Quick Synchronization ServiceS? HPWMISVC;HPWMISVCS? IAStorDataMgrSvc;Intel® Rapid Storage TechnologyS? IntcDAud;Intel® Display AudioS? MBAMProtector;MBAMProtectorS? MBAMScheduler;MBAMSchedulerS? MBAMService;MBAMServiceS? MpFilter;Microsoft Malware Protection DriverS? MyWebSearchService;My Web Search ServiceS? NisDrv;Microsoft Network Inspection SystemS? NisSrv;Microsoft Network InspectionS? RtVOsdService;RtVOsdService InstallerS? Sftfs;SftfsS? sftlist;Application Virtualization ClientS? Sftplay;SftplayS? Sftredir;SftredirS? Sftvol;SftvolS? sftvsa;Application Virtualization Service AgentS? UNS;Intel® Management & Security Application User Notification ServiceS? vToolbarUpdater13.2.0;vToolbarUpdater13.2.0.=============== Created Last 30 ================.2012-11-08 14:54:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{A9AA6A33-C9AD-4C93-BA3C-4BD200574E43}2012-11-08 12:41:36 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll2012-11-08 11:56:17 -------- d-----w- C:\Users\Charlene\AppData\Roaming\Malwarebytes2012-11-08 11:56:04 -------- d-----w- C:\ProgramData\Malwarebytes2012-11-08 11:56:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-11-08 11:56:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-11-07 06:23:33 9291768 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7BA2E304-C9CA-4192-8487-763FB5A74E7B}\mpengine.dll2012-11-02 20:09:28 -------- d-----w- C:\Users\Charlene\AppData\Local\{C9E7C5B9-B0B7-432A-BF52-97746CA1183A}2012-11-01 14:22:52 9291768 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-10-30 17:01:04 -------- d-----w- C:\Users\Charlene\AppData\Local\{2B5EF02A-E5AB-4EBC-920A-E3D608B0CBFF}2012-10-28 09:07:49 -------- d-----w- C:\Users\Charlene\AppData\Local\{C2DA6556-E132-4692-94E7-1FD58A186A5B}2012-10-26 10:07:19 -------- d-----w- C:\Users\Charlene\AppData\Local\{E014203F-DAB2-4081-87F4-69D31FABE8A3}2012-10-24 08:42:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{E4E9007B-ABC8-4D08-BE67-BD2C7F4C1366}2012-10-23 19:50:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{F1F5A624-55C1-403D-98FD-EF83C157CAE6}2012-10-22 17:34:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{4499A20E-BB14-45F7-B843-F2403380BCE3}2012-10-21 08:11:05 -------- d-----w- C:\Users\Charlene\AppData\Local\{581191F8-CFB5-43D1-B9C0-DFA36889EF44}2012-10-20 10:10:36 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3530ECAD-4FBB-447F-B295-5AB880DC4F4C}\gapaengine.dll2012-10-20 09:57:37 -------- d-----w- C:\Users\Charlene\AppData\Local\{542E5A86-1599-4184-B736-13BB7E677514}2012-10-18 10:02:33 -------- d-----w- C:\Users\Charlene\AppData\Roaming\AVG20132012-10-18 10:01:31 -------- d-----w- C:\Users\Charlene\AppData\Local\AVG Secure Search2012-10-18 10:01:28 -------- d-----w- C:\Users\Charlene\AppData\Roaming\TuneUp Software2012-10-18 10:01:25 -------- d-----w- C:\ProgramData\AVG Secure Search2012-10-18 10:01:17 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2012-10-18 10:01:14 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search2012-10-18 10:01:13 -------- d-----w- C:\Program Files (x86)\AVG Secure Search2012-10-18 09:52:27 -------- d--h--w- C:\$AVG2012-10-18 09:52:27 -------- d-----w- C:\ProgramData\AVG20132012-10-18 09:08:04 -------- d-----w- C:\Users\Charlene\AppData\Local\Avg20132012-10-18 09:07:59 -------- d-----w- C:\Users\Charlene\AppData\Local\MFAData2012-10-18 08:58:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{25F59CA2-A68A-4C0C-A1F8-D33E5EF3CD97}2012-10-17 18:57:45 -------- d-----w- C:\Users\Charlene\AppData\Local\{3E48EBD5-53E7-4DA1-9267-BA8202160306}2012-10-14 17:07:02 -------- d-----w- C:\Users\Charlene\AppData\Local\{16AA751A-0AC9-4854-86DA-51E78BC60415}2012-10-13 09:16:36 -------- d-----w- C:\Users\Charlene\AppData\Local\{AEDCF73D-F1BD-4EC1-B357-50C5D0EE818F}2012-10-12 18:01:08 -------- d-----w- C:\Users\Charlene\AppData\Local\{7AEA803F-8E8E-4089-9196-50B4AEB34B86}2012-10-12 17:40:30 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation2012-10-11 14:46:40 -------- d-----w- C:\Users\Charlene\AppData\Local\{8CAB227A-E95A-430D-9C67-41A5D5F9B221}2012-10-11 08:29:00 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys2012-10-11 08:20:31 1462784 ----a-w- C:\Windows\System32\crypt32.dll2012-10-11 08:20:31 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll2012-10-11 08:20:30 182272 ----a-w- C:\Windows\System32\cryptsvc.dll2012-10-11 08:20:28 140288 ----a-w- C:\Windows\System32\cryptnet.dll2012-10-11 08:20:27 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2012-10-11 08:20:27 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2012-10-11 08:14:42 -------- d-----w- C:\Users\Charlene\AppData\Local\{75911146-4206-462E-8B67-4E5A2A1561C1}.==================== Find3M ====================.2012-10-05 00:26:22 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys2012-10-02 00:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys2012-09-21 00:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys2012-09-21 00:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys2012-09-21 00:45:50 61792 ----a-w- C:\Windows\System32\drivers\avgidsha.sys2012-09-18 14:40:28 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2012-09-18 14:40:23 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2012-09-18 14:40:23 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2012-09-14 00:05:18 40800 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys2012-09-13 00:11:18 151904 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2012-09-04 07:39:32 50296 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys2012-08-30 19:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys2012-08-30 19:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-08-20 22:05:26 0 ----a-w- C:\Windows\SysWow64\sho1FB6.tmp2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll.============= FINISH: 22:17:54.10 =============== Link to post Share on other sites More sharing options...
Maniac Posted November 9, 2012 ID:611290 Share Posted November 9, 2012 Step 1Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. My suggestion is to uninstall AVG 2013 and to keep Microsoft Security Essentials.Also, uninstall the following applications:My Web SearchAVG Security ToolbarStep 2Please download Junkware Removal Tool to your desktop.Shut down your protection software now to avoid potential conflicts.Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.The tool will open and start scanning your system.Please be patient as this can take a while to complete depending on your system's specifications.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next message.Step 3Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.Step 4Download aswMBR.exe to your desktop. Double click the aswMBR.exe to run it Click the "Scan" button to start scan On completion of the scan click save log, save it to your desktop and post in your next reply In your next reply, post the following log files:JRT logMalwarebytes' Anti-Malware logaswMBR loga new fresh DDS log Link to post Share on other sites More sharing options...
ck92 Posted November 12, 2012 Author ID:612339 Share Posted November 12, 2012 Hi' all the things needed are below. My laptop seems to be better than before but it is still definitely slower. Although the persistent freezing seems to have lessened. But I still get these annoying not responding messages when I open things sometimes. Also just looking at the dds files there seems to be things I never installed like blackhawk striker - I just highlighted them in blue to show you. Perhaps they are games or something but I never downloaded them and they also do not appear on my programs list in control panel. There are a few others that I do not recognise but I do not know if they came with the computer or not.JRT~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 2.9.8 (11.11.2012)OS: Windows 7 Home Premium x64Ran by Charlene on 11/11/2012 at 17:19:22.24Blog: http://thisisudax.blogspot.com~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry Keys~~~ Files~~~ Folders~~~ Event Viewer Logs were clearedMalwarebytes logCharlene :: CHARLENE-HP [administrator]Protection: Enabled11/11/2012 18:06:53mbam-log-2012-11-11 (18-06-53).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 216174Time elapsed: 3 hour(s), 9 minute(s), 25 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 16HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 1C:\Users\Charlene\Downloads\MyFunCards.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.(end)aswMBRlogaswMBR version 0.9.9.1707 Copyright© 2011 AVAST SoftwareRun date: 2012-11-11 21:38:21-----------------------------21:38:21.254 OS Version: Windows x64 6.1.7600 21:38:21.254 Number of processors: 4 586 0x250521:38:21.254 ComputerName: CHARLENE-HP UserName: Charlene21:51:33.382 Initialize success21:52:00.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-121:52:00.239 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 321:52:00.255 Disk 0 MBR read successfully21:52:00.259 Disk 0 MBR scan21:52:00.263 Disk 0 unknown MBR code21:52:00.275 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 204821:52:00.287 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459992 MB offset 40960021:52:00.336 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16644 MB offset 94247321621:52:00.405 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 97656012821:52:00.471 Disk 0 scanning C:\Windows\system32\drivers21:52:13.149 Service scanning21:52:34.859 Modules scanning21:52:34.874 Disk 0 trace - called modules:21:52:34.896 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 21:52:34.907 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051e5060]21:52:34.915 3 CLASSPNP.SYS[fffff88001b0343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f5c050]21:52:34.923 Scan finished successfully21:52:44.783 Disk 0 MBR has been saved successfully to "C:\Users\Charlene\Desktop\MBR.dat"21:52:44.789 The log file has been saved successfully to "C:\Users\Charlene\Desktop\aswMBR.txt"DDS.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-07.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 26/12/2010 14:25:06System Uptime: 12/11/2012 10:01:45 (0 hours ago).Motherboard: Hewlett-Packard | | 1439Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 2266/1066mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 449 GiB total, 383.336 GiB free.D: is FIXED (NTFS) - 16 GiB total, 2.09 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}Description: Deskjet F4500 seriesDevice ID: ROOT\MULTIFUNCTION\0000Manufacturer: HPName: Deskjet F4500 seriesPNP Device ID: ROOT\MULTIFUNCTION\0000Service: .Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Description: Deskjet F4500 seriesDevice ID: ROOT\IMAGE\0000Manufacturer: HPName: Deskjet F4500 seriesPNP Device ID: ROOT\IMAGE\0000Service: StillCam.==== System Restore Points ===================..==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)64 Bit HP CIO Components InstallerAcrobat.comAdobe AIRAdobe Flash Player 10 ActiveXAdobe Reader 9.4.5 MUIAdobe Shockwave Player 11.5Adobe Shockwave Player 11.6Agatha Christie - Death on the NileApple Application SupportApple Software UpdateBejeweled 2 DeluxeBing BarBlackhawk Striker 2Broadcom 802.11 Wireless LAN AdapterBufferChmBykiByki ExpressChuzzle DeluxeCole2k Media - Codec Pack (Standard)CopyCyberLink DVD SuiteCyberLink PowerDVD 9CyberLink YouCamD3DX10DestinationsDeviceDiscoveryDivX SetupDJ_AIO_06_F4500_SW_MINDora's Carnival AdventureEnergy Star Digital LogoEscape Rosecliff IslandESU for Microsoft Windows 7F4500FATEFinal Drive NitroGoogle ChromeGoogle EarthGoogle Update HelperGPBaseService2Hewlett-Packard ACLM.NET v1.1.2.0HP AdvisorHP Customer Experience EnhancementsHP Customer Participation Program 13.0HP Deskjet F4500 Printer Driver Software 13.0 Rel .6HP DocumentationHP Game ConsoleHP GamesHP Imaging Device Functions 13.0HP Photo CreationsHP Power ManagerHP Print Projects 1.0HP Quick LaunchHP SetupHP Smart Web Printing 4.5HP Software FrameworkHP Solution Center 13.0HP Support AssistantHP UpdateHP Wireless AssistantHPPhotoGadgethpPrintProjectsHPProductAssistantHPSSupplyhpWLPGInstallerIntel® Control CenterIntel® Graphics Media Accelerator DriverIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyJava 7 Update 7Java Auto UpdaterJava 6 Update 20 (64-bit)Jewel Quest - HeritageJunk Mail filter updateLabelPrintLightScribe System SoftwareMagic DesktopMalwarebytes Anti-Malware version 1.65.1.1000MarketResearchMessenger Plus! 5Microsoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Default ManagerMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office 2010Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Click-to-Run 2010Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Starter 2010 - EnglishMicrosoft Office Word MUI (English) 2007Microsoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Network64Penguins!PhotoNow!Picasa 3Plants vs. ZombiesPoker Superstars IIIPolar BowlerPolar GolferPower2GoPowerDirectorQuickTimeRealNetworks - Microsoft Visual C++ 2008 RuntimeRealPlayerRealtek Ethernet Controller Driver For Windows 7Realtek High Definition Audio DriverRealtek USB 2.0 Card ReaderRealUpgrade 1.1Recovery ManagerRiyad us Saliheen - Gardens of the RighteousRtVOsdScanScrapbook Factory Deluxe 4.0Security Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition Shop for HP SuppliesSkype™ 5.10SmartWebPrintingSolutionCenterStatusswMSMSynaptics Pointing Device DriverToolboxTrayAppUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2473228)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VC80CRTRedist - 8.0.50727.6195Virtual Villagers - The Secret CityVisual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesWebRegWindows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox PluginWinRAR archiverZuma Deluxe.==== End Of File ===========================DDS (Ver_2012-11-07.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2Run by Charlene at 10:04:30 on 2012-11-12Microsoft Windows 7 Home Premium 6.1.7600.0.1252.353.1033.18.3894.2425 [GMT 2:00].AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Realtek\Audio\HDA\AERTSr64.exeC:\Windows\SysWOW64\ezSharedSvcHost.exeC:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exeC:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exeC:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k HPServicec:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEC:\Windows\system32\SearchProtocolHost.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exeC:\Windows\system32\SearchFilterHost.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [Google Update] "C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunmRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exemRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumemRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exemRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exemRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12StartupFolder: C:\Users\Charlene\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXEStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: EnableShellExecuteHooks = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: HideFastUserSwitching = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllDPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cabDPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cabDPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/tr/uno1/GAME_UNO1.cabDPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabTCP: NameServer = 192.168.2.1TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8}\8456C696870283 : DHCPNameServer = 192.168.8.1Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dllSEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllmASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -sx64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hiddenx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cabx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-18 30568]R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-7 98208]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-8 399432]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-8 676936]R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-8 25928]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-19 103992]S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-7 13336]S2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-18 315392]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-7 2320920]S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-7 225280]S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-7 333928]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-27 1255736]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120].=============== Created Last 30 ================.2012-11-11 17:28:44 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AACE7B9-9E64-4918-8FBA-0222F976E27F}\mpengine.dll2012-11-11 11:57:45 -------- d-----w- C:\Windows\ERUNT2012-11-11 11:51:33 -------- d-----w- C:\JRT2012-11-10 11:07:12 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2012-11-10 11:07:10 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00968E63-163A-4F20-89D9-2068DD14C3BD}\mpengine.dll2012-11-08 14:54:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{A9AA6A33-C9AD-4C93-BA3C-4BD200574E43}2012-11-08 12:41:36 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll2012-11-08 11:56:17 -------- d-----w- C:\Users\Charlene\AppData\Roaming\Malwarebytes2012-11-08 11:56:04 -------- d-----w- C:\ProgramData\Malwarebytes2012-11-08 11:56:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-11-08 11:56:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2012-11-07 06:23:33 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-11-02 20:09:28 -------- d-----w- C:\Users\Charlene\AppData\Local\{C9E7C5B9-B0B7-432A-BF52-97746CA1183A}2012-10-30 17:01:04 -------- d-----w- C:\Users\Charlene\AppData\Local\{2B5EF02A-E5AB-4EBC-920A-E3D608B0CBFF}2012-10-28 09:07:49 -------- d-----w- C:\Users\Charlene\AppData\Local\{C2DA6556-E132-4692-94E7-1FD58A186A5B}2012-10-26 10:07:19 -------- d-----w- C:\Users\Charlene\AppData\Local\{E014203F-DAB2-4081-87F4-69D31FABE8A3}2012-10-24 08:42:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{E4E9007B-ABC8-4D08-BE67-BD2C7F4C1366}2012-10-23 19:50:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{F1F5A624-55C1-403D-98FD-EF83C157CAE6}2012-10-22 17:34:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{4499A20E-BB14-45F7-B843-F2403380BCE3}2012-10-21 08:11:05 -------- d-----w- C:\Users\Charlene\AppData\Local\{581191F8-CFB5-43D1-B9C0-DFA36889EF44}2012-10-20 10:10:36 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3530ECAD-4FBB-447F-B295-5AB880DC4F4C}\gapaengine.dll2012-10-20 09:57:37 -------- d-----w- C:\Users\Charlene\AppData\Local\{542E5A86-1599-4184-B736-13BB7E677514}2012-10-18 10:02:33 -------- d-----w- C:\Users\Charlene\AppData\Roaming\AVG20132012-10-18 10:01:28 -------- d-----w- C:\Users\Charlene\AppData\Roaming\TuneUp Software2012-10-18 10:01:17 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2012-10-18 09:52:27 -------- d-----w- C:\ProgramData\AVG20132012-10-18 09:08:04 -------- d-----w- C:\Users\Charlene\AppData\Local\Avg20132012-10-18 09:07:59 -------- d-----w- C:\Users\Charlene\AppData\Local\MFAData2012-10-18 08:58:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{25F59CA2-A68A-4C0C-A1F8-D33E5EF3CD97}2012-10-17 18:57:45 -------- d-----w- C:\Users\Charlene\AppData\Local\{3E48EBD5-53E7-4DA1-9267-BA8202160306}2012-10-14 17:07:02 -------- d-----w- C:\Users\Charlene\AppData\Local\{16AA751A-0AC9-4854-86DA-51E78BC60415}2012-10-13 09:16:36 -------- d-----w- C:\Users\Charlene\AppData\Local\{AEDCF73D-F1BD-4EC1-B357-50C5D0EE818F}.==================== Find3M ====================.2012-09-18 14:40:28 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2012-09-18 14:40:23 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2012-09-18 14:40:23 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys2012-08-30 19:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys2012-08-30 19:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-08-20 22:05:26 0 ----a-w- C:\Windows\SysWow64\sho1FB6.tmp2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll.============= FINISH: 10:53:45.15 =============== Link to post Share on other sites More sharing options...
Maniac Posted November 12, 2012 ID:612341 Share Posted November 12, 2012 They are all legitimates and are installed by you or someone using this system. If you don't need them, I suggest you to uninstall it, because of free hard drive space. Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look herePlease visit this webpage for download links, and instructions for running the tool:http://www.bleepingc...to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Please post the C:\ComboFix.txt in your next reply for further review.Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error. Link to post Share on other sites More sharing options...
ck92 Posted November 12, 2012 Author ID:612355 Share Posted November 12, 2012 Ok I will do that combo fix thing today. Also I never downloaded games like about zombies and stuff - I never play games on my laptop so that is strange and I am the only one who uses my laptop. They must have come with the laptop when I bought it. Anyway how do I get rid of them because they do not appear on the unistall programs list and even when I write them in the search box on start menu they don't come up. Link to post Share on other sites More sharing options...
Maniac Posted November 12, 2012 ID:612358 Share Posted November 12, 2012 Do you have other accounts? Link to post Share on other sites More sharing options...
LDTate Posted November 27, 2012 ID:617706 Share Posted November 27, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts