Jump to content

My log


ck92

Recommended Posts

Hi, I think this is the right place to post my log.

My log is below but maybe some of the following info is important. Basically I used a website to edit a pdf document and I downloaded the file. After I downloaded the file my laptop started acting up and freezing a lot. I don't know if it was the direct cause but my laptop was working fine before then. Doing a virus scan I deleted two trojans but no other virus is showing up. I have AVG. My laptop is really slow, the start button often freezes and just everything is freezing. I am currently using my laptop in safe mode with networking and things are fine - no freezing. I hope one of you can help me. Thanks.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:40:59, on 08/11/2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Safe mode with network support

Running processes:

F:\HijackThis.exe

C:\Windows\SysWOW64\DllHost.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (file missing)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (file missing)

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.3\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [ReminderApp] C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

O4 - HKCU\..\Run: [Google Update] "C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/tr/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwssvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13989 bytes

Link to post
Share on other sites

Hello ck92 and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please perform the following actions in Normal mode instead of Safe mode:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Thanks Maniac for your help.

I downloaded malwarebytes anti malware programme. However as my laptop is really slow and keeps freezing in normal mode it did not go very well. The scan was running for nearly 3 and half hours and it said 176 infections had been found! I did not get to finish the scan because my laptop just turned itself off. Then I tried again doing a quick scan but I forgot to keep the battery plugged in and after 1 hour my laptop shut down because of low battery! I have had enough of it today so I am going to try again tommorow but I don't know if I will be able to complete it - is there anyway of helping the programme run without my laptop freezing?

Plus I wonder if my hijack this logs are of any use to you?

Link to post
Share on other sites

By the way I scanned also in safe mode just now it was really quick but I know I will have to do it in normal mode too which I plan tomorrow. 240 infections were found in safe mode I don't know if I should delete these things. Here is the log..it is really long sorry.

Malwarebytes Anti-Malware (Trial) 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.08.03

Windows 7 x64 NTFS (Safe Mode/Networking)

Internet Explorer 9.0.8112.16421

Protection: Disabled

08/11/2012 19:03:33

mbam-log-2012-11-08 (19-40-51).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 214613

Time elapsed: 36 minute(s), 36 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 143

HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.

HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.

HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.

HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.MultipleButton (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.MultipleButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ThirdPartyInstaller (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ThirdPartyInstaller.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.UrlAlertButton (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.UrlAlertButton.1 (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> No action taken.

Registry Values Detected: 8

HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»

äG\Ê -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 17

C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Game (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Message (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Overlay (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> No action taken.

Files Detected: 79

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3FFTBPR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.

C:\Users\Charlene\Downloads\MyFunCards.exe (PUP.FunWebProducts) -> No action taken.

C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> No action taken.

C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\c3IMStub.Dll (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\CHROME.MANIFEST (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3IMSTUB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3SPACER.WMV (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\INSTALL.RDF (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3PATCH.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3TPINST.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\M3UNPAT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSMLBTN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSUABTN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Overlay\COMMON.F3S (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> No action taken.

C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL (Trojan.BHO) -> No action taken.

(end)

Link to post
Share on other sites

DDS won't work for me. I was able to download it but the green line has not progressed further for the past 2 hours and it worked after like 5 mins in safe mode. I don't know if the results are of any use to you from safe mode though if they are I will paste them. Other than that I don't know what to do because my laptop is so slow and just freezes all the time in normal mode. Is there nothing else I can do?

Link to post
Share on other sites

Ok it just finally stopped now here are the dds things..

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-07.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 26/12/2010 14:25:06

System Uptime: 09/11/2012 21:01:37 (1 hours ago)

.

Motherboard: Hewlett-Packard | | 1439

Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 929/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 449 GiB total, 383.348 GiB free.

D: is FIXED (NTFS) - 16 GiB total, 2.09 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Deskjet F4500 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Deskjet F4500 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Deskjet F4500 series

Device ID: ROOT\IMAGE\0000

Manufacturer: HP

Name: Deskjet F4500 series

PNP Device ID: ROOT\IMAGE\0000

Service: StillCam

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

64 Bit HP CIO Components Installer

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader 9.4.5 MUI

Adobe Shockwave Player 11.5

Adobe Shockwave Player 11.6

Agatha Christie - Death on the Nile

Apple Application Support

Apple Software Update

AVG 2013

AVG Security Toolbar

Bejeweled 2 Deluxe

Bing Bar

Blackhawk Striker 2

Broadcom 802.11 Wireless LAN Adapter

BufferChm

Byki

Byki Express

Chuzzle Deluxe

Cole2k Media - Codec Pack (Standard)

Copy

CyberLink DVD Suite

CyberLink PowerDVD 9

CyberLink YouCam

D3DX10

Destinations

DeviceDiscovery

DivX Setup

DJ_AIO_06_F4500_SW_MIN

Dora's Carnival Adventure

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

F4500

FATE

Final Drive Nitro

Google Chrome

Google Earth

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP Customer Participation Program 13.0

HP Deskjet F4500 Printer Driver Software 13.0 Rel .6

HP Documentation

HP Game Console

HP Games

HP Imaging Device Functions 13.0

HP Photo Creations

HP Power Manager

HP Print Projects 1.0

HP Quick Launch

HP Setup

HP Smart Web Printing 4.5

HP Software Framework

HP Solution Center 13.0

HP Support Assistant

HP Update

HP Wireless Assistant

HPPhotoGadget

hpPrintProjects

HPProductAssistant

HPSSupply

hpWLPGInstaller

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java 7 Update 7

Java Auto Updater

Java 6 Update 20 (64-bit)

Jewel Quest - Heritage

Junk Mail filter update

LabelPrint

LightScribe System Software

Magic Desktop

Malwarebytes Anti-Malware version 1.65.1.1000

MarketResearch

Messenger Plus! 5

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Default Manager

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Click-to-Run 2010

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Web Search

Network64

Penguins!

PhotoNow!

Picasa 3

Plants vs. Zombies

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Recovery Manager

Riyad us Saliheen - Gardens of the Righteous

RtVOsd

Scan

Scrapbook Factory Deluxe 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Shop for HP Supplies

Skype™ 5.10

SmartWebPrinting

SolutionCenter

Status

swMSM

Synaptics Pointing Device Driver

Toolbox

TrayApp

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.6195

Virtual Villagers - The Secret City

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

WebReg

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR archiver

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

09/11/2012 21:41:20, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

09/11/2012 21:41:20, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 21:41:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

09/11/2012 21:38:49, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

09/11/2012 21:35:18, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

09/11/2012 21:13:51, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

09/11/2012 21:13:21, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.

09/11/2012 21:12:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service.

09/11/2012 21:12:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IKEEXT service.

09/11/2012 21:11:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.

09/11/2012 21:11:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SENS service.

09/11/2012 21:10:58, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

09/11/2012 21:04:50, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.

09/11/2012 21:04:50, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 21:02:26, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

09/11/2012 21:00:28, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

09/11/2012 20:59:58, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

09/11/2012 20:29:27, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

09/11/2012 20:29:27, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 20:27:29, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

09/11/2012 20:27:29, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 20:26:42, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the RtVOsdService Installer service to connect.

09/11/2012 20:26:42, Error: Service Control Manager [7000] - The RtVOsdService Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 20:26:10, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.

09/11/2012 20:26:10, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 20:25:37, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Wireless Assistant Service service to connect.

09/11/2012 20:25:37, Error: Service Control Manager [7000] - The HP Wireless Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 20:22:47, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.

09/11/2012 20:22:17, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

09/11/2012 20:15:42, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

09/11/2012 20:15:42, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

09/11/2012 20:15:41, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.

09/11/2012 20:06:06, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

09/11/2012 20:06:05, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

09/11/2012 20:06:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

09/11/2012 20:06:04, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

09/11/2012 20:05:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

09/11/2012 20:05:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

09/11/2012 20:05:41, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21

09/11/2012 20:05:27, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSDriver Avgldx64 discache MpFilter spldr Wanarpv6

09/11/2012 20:05:22, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

09/11/2012 20:05:22, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.

09/11/2012 19:59:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

09/11/2012 19:58:01, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

09/11/2012 19:58:01, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 19:48:53, Error: bowser [8003] - The master browser has received a server announcement from the computer HP-BILGISAYAR that believes that it is the master browser for the domain on transport NetBT_Tcpip_{310843A3-255C-4E42-AF22-CA19A1ABB0E8}. The master browser is stopping or an election is being forced.

09/11/2012 19:48:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.

09/11/2012 19:48:11, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

09/11/2012 19:48:11, Error: Service Control Manager [7000] - The Application Virtualization Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

08/11/2012 19:40:15, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

08/11/2012 19:03:21, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

08/11/2012 18:50:30, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

08/11/2012 18:34:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WMPNetworkSvc service.

08/11/2012 18:05:23, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.

08/11/2012 17:51:34, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.

08/11/2012 17:48:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

08/11/2012 17:47:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.

08/11/2012 17:45:54, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.

08/11/2012 17:43:24, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service.

08/11/2012 17:17:38, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.

08/11/2012 14:43:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.139.1429.0).

08/11/2012 14:41:41, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.139.1623.0).

08/11/2012 14:41:23, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x80070643 Error description: Fatal error during installation.

08/11/2012 14:28:06, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Management & Security Application User Notification Service service to connect.

08/11/2012 14:28:06, Error: Service Control Manager [7000] - The Intel® Management & Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

08/11/2012 12:48:28, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1515.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

07/11/2012 21:25:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SkypeUpdate with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58}

07/11/2012 20:57:32, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.

07/11/2012 13:54:30, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2012 13:53:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

07/11/2012 13:53:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

07/11/2012 13:53:08, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgfwfd AVGIDSDriver Avgldx64 Avgtdia DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2012 13:53:07, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

07/11/2012 13:38:57, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.

07/11/2012 13:38:57, Error: Service Control Manager [7000] - The Application Information service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

07/11/2012 08:22:38, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

06/11/2012 21:08:53, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

06/11/2012 18:53:03, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

06/11/2012 18:40:42, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023544.

06/11/2012 18:40:42, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070548.

06/11/2012 18:40:28, Error: Service Control Manager [7043] - The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

04/11/2012 23:07:38, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

04/11/2012 12:58:42, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

03/11/2012 13:41:39, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

03/11/2012 12:24:18, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

02/11/2012 22:31:18, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.139.1119.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8904.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

.

==== End Of File ===========================

DDS (Ver_2012-11-07.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2

Run by Charlene at 21:27:04 on 2012-11-09

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\PROGRA~2\MYWEBS~1\bar\2.bin\mwssvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Windows\system32\SearchIndexer.exe

C:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Charlene\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\RunDll32.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

C:\Windows\system32\wermgr.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: <No Name>: {00A6FAF6-072E-44cf-8957-5838F569A31D} -

mWinlogon: Userinit = userinit.exe

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSBAR.DLL

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Google Update] "C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/tr/uno1/GAME_UNO1.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8}\8456C696870283 : DHCPNameServer = 192.168.8.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R? BBSvc;Bing Bar Update Service

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

R? netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit

R? RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader

R? RTL8167;Realtek 8167 NT Driver

R? SkypeUpdate;Skype Updater

R? SrvHsfHDA;SrvHsfHDA

R? SrvHsfV92;SrvHsfV92

R? SrvHsfWinac;SrvHsfWinac

R? WatAdminSvc;Windows Activation Technologies Service

R? yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller

S? AERTFilters;Andrea RT Filters Service

S? Avgfwfd;AVG network filter service

S? avgfws;AVG Firewall

S? AVGIDSAgent;AVGIDSAgent

S? AVGIDSDriver;AVGIDSDriver

S? AVGIDSHA;AVGIDSHA

S? Avgldx64;AVG AVI Loader Driver

S? Avgloga;AVG Logging Driver

S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield

S? Avgrkx64;AVG Anti-Rootkit Driver

S? Avgtdia;AVG TDI Driver

S? avgtp;avgtp

S? avgwd;AVG WatchDog

S? cvhsvc;Client Virtualization Handler

S? ezSharedSvc;Easybits Services for Windows

S? HECIx64;Intel® Management Engine Interface

S? HP Support Assistant Service;HP Support Assistant Service

S? HP Wireless Assistant Service;HP Wireless Assistant Service

S? HPDrvMntSvc.exe;HP Quick Synchronization Service

S? HPWMISVC;HPWMISVC

S? IAStorDataMgrSvc;Intel® Rapid Storage Technology

S? IntcDAud;Intel® Display Audio

S? MBAMProtector;MBAMProtector

S? MBAMScheduler;MBAMScheduler

S? MBAMService;MBAMService

S? MpFilter;Microsoft Malware Protection Driver

S? MyWebSearchService;My Web Search Service

S? NisDrv;Microsoft Network Inspection System

S? NisSrv;Microsoft Network Inspection

S? RtVOsdService;RtVOsdService Installer

S? Sftfs;Sftfs

S? sftlist;Application Virtualization Client

S? Sftplay;Sftplay

S? Sftredir;Sftredir

S? Sftvol;Sftvol

S? sftvsa;Application Virtualization Service Agent

S? UNS;Intel® Management & Security Application User Notification Service

S? vToolbarUpdater13.2.0;vToolbarUpdater13.2.0

.

=============== Created Last 30 ================

.

2012-11-08 14:54:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{A9AA6A33-C9AD-4C93-BA3C-4BD200574E43}

2012-11-08 12:41:36 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll

2012-11-08 11:56:17 -------- d-----w- C:\Users\Charlene\AppData\Roaming\Malwarebytes

2012-11-08 11:56:04 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-08 11:56:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-08 11:56:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-07 06:23:33 9291768 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7BA2E304-C9CA-4192-8487-763FB5A74E7B}\mpengine.dll

2012-11-02 20:09:28 -------- d-----w- C:\Users\Charlene\AppData\Local\{C9E7C5B9-B0B7-432A-BF52-97746CA1183A}

2012-11-01 14:22:52 9291768 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-10-30 17:01:04 -------- d-----w- C:\Users\Charlene\AppData\Local\{2B5EF02A-E5AB-4EBC-920A-E3D608B0CBFF}

2012-10-28 09:07:49 -------- d-----w- C:\Users\Charlene\AppData\Local\{C2DA6556-E132-4692-94E7-1FD58A186A5B}

2012-10-26 10:07:19 -------- d-----w- C:\Users\Charlene\AppData\Local\{E014203F-DAB2-4081-87F4-69D31FABE8A3}

2012-10-24 08:42:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{E4E9007B-ABC8-4D08-BE67-BD2C7F4C1366}

2012-10-23 19:50:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{F1F5A624-55C1-403D-98FD-EF83C157CAE6}

2012-10-22 17:34:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{4499A20E-BB14-45F7-B843-F2403380BCE3}

2012-10-21 08:11:05 -------- d-----w- C:\Users\Charlene\AppData\Local\{581191F8-CFB5-43D1-B9C0-DFA36889EF44}

2012-10-20 10:10:36 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3530ECAD-4FBB-447F-B295-5AB880DC4F4C}\gapaengine.dll

2012-10-20 09:57:37 -------- d-----w- C:\Users\Charlene\AppData\Local\{542E5A86-1599-4184-B736-13BB7E677514}

2012-10-18 10:02:33 -------- d-----w- C:\Users\Charlene\AppData\Roaming\AVG2013

2012-10-18 10:01:31 -------- d-----w- C:\Users\Charlene\AppData\Local\AVG Secure Search

2012-10-18 10:01:28 -------- d-----w- C:\Users\Charlene\AppData\Roaming\TuneUp Software

2012-10-18 10:01:25 -------- d-----w- C:\ProgramData\AVG Secure Search

2012-10-18 10:01:17 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2012-10-18 10:01:14 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2012-10-18 10:01:13 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

2012-10-18 09:52:27 -------- d--h--w- C:\$AVG

2012-10-18 09:52:27 -------- d-----w- C:\ProgramData\AVG2013

2012-10-18 09:08:04 -------- d-----w- C:\Users\Charlene\AppData\Local\Avg2013

2012-10-18 09:07:59 -------- d-----w- C:\Users\Charlene\AppData\Local\MFAData

2012-10-18 08:58:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{25F59CA2-A68A-4C0C-A1F8-D33E5EF3CD97}

2012-10-17 18:57:45 -------- d-----w- C:\Users\Charlene\AppData\Local\{3E48EBD5-53E7-4DA1-9267-BA8202160306}

2012-10-14 17:07:02 -------- d-----w- C:\Users\Charlene\AppData\Local\{16AA751A-0AC9-4854-86DA-51E78BC60415}

2012-10-13 09:16:36 -------- d-----w- C:\Users\Charlene\AppData\Local\{AEDCF73D-F1BD-4EC1-B357-50C5D0EE818F}

2012-10-12 18:01:08 -------- d-----w- C:\Users\Charlene\AppData\Local\{7AEA803F-8E8E-4089-9196-50B4AEB34B86}

2012-10-12 17:40:30 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation

2012-10-11 14:46:40 -------- d-----w- C:\Users\Charlene\AppData\Local\{8CAB227A-E95A-430D-9C67-41A5D5F9B221}

2012-10-11 08:29:00 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-10-11 08:20:31 1462784 ----a-w- C:\Windows\System32\crypt32.dll

2012-10-11 08:20:31 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-10-11 08:20:30 182272 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-10-11 08:20:28 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-10-11 08:20:27 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-10-11 08:20:27 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-10-11 08:14:42 -------- d-----w- C:\Users\Charlene\AppData\Local\{75911146-4206-462E-8B67-4E5A2A1561C1}

.

==================== Find3M ====================

.

2012-10-05 00:26:22 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2012-10-02 00:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2012-09-21 00:46:04 200032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2012-09-21 00:46:00 225120 ----a-w- C:\Windows\System32\drivers\avgloga.sys

2012-09-21 00:45:50 61792 ----a-w- C:\Windows\System32\drivers\avgidsha.sys

2012-09-18 14:40:28 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-18 14:40:23 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-09-18 14:40:23 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-09-14 00:05:18 40800 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2012-09-13 00:11:18 151904 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2012-09-04 07:39:32 50296 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys

2012-08-30 19:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2012-08-30 19:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-08-20 22:05:26 0 ----a-w- C:\Windows\SysWow64\sho1FB6.tmp

2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll

2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 22:17:54.10 ===============

Link to post
Share on other sites

Step 1

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. My suggestion is to uninstall AVG 2013 and to keep Microsoft Security Essentials.

Also, uninstall the following applications:

My Web Search

AVG Security Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 4

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

aswMBR2-1.gif

On completion of the scan click save log, save it to your desktop and post in your next reply

aswMBR2.png

In your next reply, post the following log files:

  • JRT log
  • Malwarebytes' Anti-Malware log
  • aswMBR log
  • a new fresh DDS log

Link to post
Share on other sites

Hi' all the things needed are below. My laptop seems to be better than before but it is still definitely slower. Although the persistent freezing seems to have lessened. But I still get these annoying not responding messages when I open things sometimes. Also just looking at the dds files there seems to be things I never installed like blackhawk striker - I just highlighted them in blue to show you. Perhaps they are games or something but I never downloaded them and they also do not appear on my programs list in control panel. There are a few others that I do not recognise but I do not know if they came with the computer or not.

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 2.9.8 (11.11.2012)

OS: Windows 7 Home Premium x64

Ran by Charlene on 11/11/2012 at 17:19:22.24

Blog: http://thisisudax.blogspot.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

Malwarebytes log

Charlene :: CHARLENE-HP [administrator]

Protection: Enabled

11/11/2012 18:06:53

mbam-log-2012-11-11 (18-06-53).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 216174

Time elapsed: 3 hour(s), 9 minute(s), 25 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 16

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Users\Charlene\Downloads\MyFunCards.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

(end)

aswMBRlog

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2012-11-11 21:38:21

-----------------------------

21:38:21.254 OS Version: Windows x64 6.1.7600

21:38:21.254 Number of processors: 4 586 0x2505

21:38:21.254 ComputerName: CHARLENE-HP UserName: Charlene

21:51:33.382 Initialize success

21:52:00.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

21:52:00.239 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 3

21:52:00.255 Disk 0 MBR read successfully

21:52:00.259 Disk 0 MBR scan

21:52:00.263 Disk 0 unknown MBR code

21:52:00.275 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048

21:52:00.287 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459992 MB offset 409600

21:52:00.336 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16644 MB offset 942473216

21:52:00.405 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128

21:52:00.471 Disk 0 scanning C:\Windows\system32\drivers

21:52:13.149 Service scanning

21:52:34.859 Modules scanning

21:52:34.874 Disk 0 trace - called modules:

21:52:34.896 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

21:52:34.907 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051e5060]

21:52:34.915 3 CLASSPNP.SYS[fffff88001b0343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f5c050]

21:52:34.923 Scan finished successfully

21:52:44.783 Disk 0 MBR has been saved successfully to "C:\Users\Charlene\Desktop\MBR.dat"

21:52:44.789 The log file has been saved successfully to "C:\Users\Charlene\Desktop\aswMBR.txt"

DDS

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-07.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 26/12/2010 14:25:06

System Uptime: 12/11/2012 10:01:45 (0 hours ago)

.

Motherboard: Hewlett-Packard | | 1439

Processor: Intel® Core i3 CPU M 350 @ 2.27GHz | CPU | 2266/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 449 GiB total, 383.336 GiB free.

D: is FIXED (NTFS) - 16 GiB total, 2.09 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Deskjet F4500 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Deskjet F4500 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}

Description: Deskjet F4500 series

Device ID: ROOT\IMAGE\0000

Manufacturer: HP

Name: Deskjet F4500 series

PNP Device ID: ROOT\IMAGE\0000

Service: StillCam

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

64 Bit HP CIO Components Installer

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader 9.4.5 MUI

Adobe Shockwave Player 11.5

Adobe Shockwave Player 11.6

Agatha Christie - Death on the Nile

Apple Application Support

Apple Software Update

Bejeweled 2 Deluxe

Bing Bar

Blackhawk Striker 2

Broadcom 802.11 Wireless LAN Adapter

BufferChm

Byki

Byki Express

Chuzzle Deluxe

Cole2k Media - Codec Pack (Standard)

Copy

CyberLink DVD Suite

CyberLink PowerDVD 9

CyberLink YouCam

D3DX10

Destinations

DeviceDiscovery

DivX Setup

DJ_AIO_06_F4500_SW_MIN

Dora's Carnival Adventure

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

F4500

FATE

Final Drive Nitro

Google Chrome

Google Earth

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP Customer Participation Program 13.0

HP Deskjet F4500 Printer Driver Software 13.0 Rel .6

HP Documentation

HP Game Console

HP Games

HP Imaging Device Functions 13.0

HP Photo Creations

HP Power Manager

HP Print Projects 1.0

HP Quick Launch

HP Setup

HP Smart Web Printing 4.5

HP Software Framework

HP Solution Center 13.0

HP Support Assistant

HP Update

HP Wireless Assistant

HPPhotoGadget

hpPrintProjects

HPProductAssistant

HPSSupply

hpWLPGInstaller

Intel® Control Center

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java 7 Update 7

Java Auto Updater

Java 6 Update 20 (64-bit)

Jewel Quest - Heritage

Junk Mail filter update

LabelPrint

LightScribe System Software

Magic Desktop

Malwarebytes Anti-Malware version 1.65.1.1000

MarketResearch

Messenger Plus! 5

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Default Manager

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Click-to-Run 2010

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network64

Penguins!

PhotoNow!

Picasa 3

Plants vs. Zombies

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

QuickTime

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

RealUpgrade 1.1

Recovery Manager

Riyad us Saliheen - Gardens of the Righteous

RtVOsd

Scan

Scrapbook Factory Deluxe 4.0

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Shop for HP Supplies

Skype™ 5.10

SmartWebPrinting

SolutionCenter

Status

swMSM

Synaptics Pointing Device Driver

Toolbox

TrayApp

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.6195

Virtual Villagers - The Secret City

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

WebReg

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR archiver

Zuma Deluxe

.

==== End Of File ===========================

DDS (Ver_2012-11-07.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16450 BrowserJavaVersion: 10.7.2

Run by Charlene at 10:04:30 on 2012-11-12

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.353.1033.18.3894.2425 [GMT 2:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k HPService

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Google Update] "C:\Users\Charlene\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Scrapbook Factory Deluxe 4.0\ReminderApp.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

StartupFolder: C:\Users\Charlene\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/tr/uno1/GAME_UNO1.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8} : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{310843A3-255C-4E42-AF22-CA19A1ABB0E8}\8456C696870283 : DHCPNameServer = 192.168.8.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-18 30568]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-7 98208]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-9-1 227896]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-8 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-8 676936]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-8 25928]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-19 103992]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-7 13336]

S2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-18 315392]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]

S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-7 2320920]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-11-7 225280]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-7 333928]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-27 1255736]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

.

=============== Created Last 30 ================

.

2012-11-11 17:28:44 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AACE7B9-9E64-4918-8FBA-0222F976E27F}\mpengine.dll

2012-11-11 11:57:45 -------- d-----w- C:\Windows\ERUNT

2012-11-11 11:51:33 -------- d-----w- C:\JRT

2012-11-10 11:07:12 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-11-10 11:07:10 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00968E63-163A-4F20-89D9-2068DD14C3BD}\mpengine.dll

2012-11-08 14:54:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{A9AA6A33-C9AD-4C93-BA3C-4BD200574E43}

2012-11-08 12:41:36 9291768 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll

2012-11-08 11:56:17 -------- d-----w- C:\Users\Charlene\AppData\Roaming\Malwarebytes

2012-11-08 11:56:04 -------- d-----w- C:\ProgramData\Malwarebytes

2012-11-08 11:56:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-11-08 11:56:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-11-07 06:23:33 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-11-02 20:09:28 -------- d-----w- C:\Users\Charlene\AppData\Local\{C9E7C5B9-B0B7-432A-BF52-97746CA1183A}

2012-10-30 17:01:04 -------- d-----w- C:\Users\Charlene\AppData\Local\{2B5EF02A-E5AB-4EBC-920A-E3D608B0CBFF}

2012-10-28 09:07:49 -------- d-----w- C:\Users\Charlene\AppData\Local\{C2DA6556-E132-4692-94E7-1FD58A186A5B}

2012-10-26 10:07:19 -------- d-----w- C:\Users\Charlene\AppData\Local\{E014203F-DAB2-4081-87F4-69D31FABE8A3}

2012-10-24 08:42:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{E4E9007B-ABC8-4D08-BE67-BD2C7F4C1366}

2012-10-23 19:50:17 -------- d-----w- C:\Users\Charlene\AppData\Local\{F1F5A624-55C1-403D-98FD-EF83C157CAE6}

2012-10-22 17:34:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{4499A20E-BB14-45F7-B843-F2403380BCE3}

2012-10-21 08:11:05 -------- d-----w- C:\Users\Charlene\AppData\Local\{581191F8-CFB5-43D1-B9C0-DFA36889EF44}

2012-10-20 10:10:36 972192 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3530ECAD-4FBB-447F-B295-5AB880DC4F4C}\gapaengine.dll

2012-10-20 09:57:37 -------- d-----w- C:\Users\Charlene\AppData\Local\{542E5A86-1599-4184-B736-13BB7E677514}

2012-10-18 10:02:33 -------- d-----w- C:\Users\Charlene\AppData\Roaming\AVG2013

2012-10-18 10:01:28 -------- d-----w- C:\Users\Charlene\AppData\Roaming\TuneUp Software

2012-10-18 10:01:17 30568 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2012-10-18 09:52:27 -------- d-----w- C:\ProgramData\AVG2013

2012-10-18 09:08:04 -------- d-----w- C:\Users\Charlene\AppData\Local\Avg2013

2012-10-18 09:07:59 -------- d-----w- C:\Users\Charlene\AppData\Local\MFAData

2012-10-18 08:58:27 -------- d-----w- C:\Users\Charlene\AppData\Local\{25F59CA2-A68A-4C0C-A1F8-D33E5EF3CD97}

2012-10-17 18:57:45 -------- d-----w- C:\Users\Charlene\AppData\Local\{3E48EBD5-53E7-4DA1-9267-BA8202160306}

2012-10-14 17:07:02 -------- d-----w- C:\Users\Charlene\AppData\Local\{16AA751A-0AC9-4854-86DA-51E78BC60415}

2012-10-13 09:16:36 -------- d-----w- C:\Users\Charlene\AppData\Local\{AEDCF73D-F1BD-4EC1-B357-50C5D0EE818F}

.

==================== Find3M ====================

.

2012-09-18 14:40:28 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-18 14:40:23 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-09-18 14:40:23 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2012-08-30 19:03:48 228768 ----a-w- C:\Windows\System32\drivers\MpFilter.sys

2012-08-30 19:03:48 128456 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys

2012-08-30 18:11:29 5505904 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-08-30 17:18:33 3958128 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll

2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll

2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-08-20 22:05:26 0 ----a-w- C:\Windows\SysWow64\sho1FB6.tmp

2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll

2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll

2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll

2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll

2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe

2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe

2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 10:53:45.15 ===============

Link to post
Share on other sites

They are all legitimates and are installed by you or someone using this system. If you don't need them, I suggest you to uninstall it, because of free hard drive space. :)

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

Ok I will do that combo fix thing today.

Also I never downloaded games like about zombies and stuff - I never play games on my laptop so that is strange and I am the only one who uses my laptop. They must have come with the laptop when I bought it. Anyway how do I get rid of them because they do not appear on the unistall programs list and even when I write them in the search box on start menu they don't come up.

Link to post
Share on other sites

  • 3 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.