Firefox redirecting-- virus? please help.

[kl212604]

Hi. I think I have a virus and I need some help getting rid of it. I have AVG 2012, run with no results. Malwarebytes was run with no results. This seems to only be affecting firefox and not chrome or IE. Here are the logs that I guess I'm supposed to post. Thanks for any help somebody can give!

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 8.0.7600.17256 BrowserJavaVersion: 1.6.0_26

Run by Moneywinks at 19:11:08 on 2013-03-15

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3831.1653 [GMT -4:00]

.

AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\AVG\AVG2012\avgfws.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\Explorer.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe

C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Moneywinks\AppData\Local\Akamai\netsession_win.exe

C:\Users\Moneywinks\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Moneywinks\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\SIMU\SGE\SGETask.Exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE

C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Moneywinks\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.coupons.com/

mStart Page = hxxp://search.coupons.com/

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Akamai NetSession Interface] "C:\Users\Moneywinks\AppData\Local\Akamai\netsession_win.exe"

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [spotify Web Helper] "C:\Users\Moneywinks\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"

mRun: [buttons & OSDs control application gen3] c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\MONEYW~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SGETask.lnk - C:\Program Files\SIMU\SGE\SGETask.Exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab

DPF: {5721FA68-5ABD-40A8-81F1-4136691194BF} - hxxps://www.play.net/components/activex/AXSAL.ocx

DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: Interfaces\{1CFF0019-5554-4A95-B0FF-E6C74721FAF4} : NameServer = 209.18.47.61,209.18.47.62

TCP: Interfaces\{1CFF0019-5554-4A95-B0FF-E6C74721FAF4}\4497E65687 : DHCPNameServer = 192.168.2.1 209.18.47.61 209.18.47.62

TCP: Interfaces\{1CFF0019-5554-4A95-B0FF-E6C74721FAF4}\B41636965637D20786F6E65602D4977596 : DHCPNameServer = 192.168.1.1 8.8.8.8

TCP: Interfaces\{C57E19E2-8FDA-47B8-B010-B156B7A6D3DB} : DHCPNameServer = 172.26.38.1 172.26.38.2 8.8.8.8

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Moneywinks\AppData\Roaming\Mozilla\Firefox\Profiles\m9eeijdp.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: c:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Moneywinks\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Users\Moneywinks\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll

FF - plugin: C:\Users\Moneywinks\AppData\Roaming\Mozilla\Firefox\Profiles\m9eeijdp.default\extensions\2020Player_IKEA@2020Technologies.com\plugins\NP_2020Player_IKEA.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-9-19 55856]

R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-15 283200]

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-16 98208]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-5 2321560]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2010-7-14 22072]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-9-16 635416]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-26 1153368]

R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2010-6-17 345512]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-9-16 2320920]

R3 AVerAVF2;AVerAVF2;C:\Windows\System32\drivers\AVerAVF2.sys [2010-9-16 1212160]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]

R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-6-18 32880]

R3 FintekCIR;Fintek eHome Transceiver;C:\Windows\System32\drivers\FintekCIR.sys [2010-9-16 30248]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-9-16 56344]

R3 hidkmdf;Microsoft HID Class Shim for KMDF;C:\Windows\System32\drivers\hidkmdf.sys [2010-9-16 14328]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-16 158976]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-9-16 852256]

R3 NW1950;NextWindow 1950 Touch Screen;C:\Windows\System32\drivers\NW1950.sys [2010-9-16 25080]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-9-16 239616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2010-4-19 22528]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]

S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-31 1255736]

.

=============== Created Last 30 ================

.

2013-03-15 22:47:28 -------- d-----w- C:\$RECYCLE.BIN

2013-03-15 22:35:13 -------- d-----w- C:\ComboFix

2013-03-12 05:10:39 -------- d-----w- C:\Program Files\iPod

2013-03-12 05:10:38 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-03-12 05:10:38 -------- d-----w- C:\Program Files\iTunes

2013-03-12 05:10:38 -------- d-----w- C:\Program Files (x86)\iTunes

2013-02-27 02:38:17 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-02-27 02:38:17 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

.

==================== Find3M ====================

.

2013-03-13 18:06:22 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-13 18:06:22 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-02-28 16:34:37 1198080 ----a-w- C:\Windows\System32\wininet.dll

2013-02-28 16:34:03 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2013-02-28 16:16:46 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-28 16:16:10 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2013-02-28 15:12:49 482816 ----a-w- C:\Windows\System32\html.iec

2013-02-28 14:51:56 386048 ----a-w- C:\Windows\SysWow64\html.iec

2013-02-28 13:55:02 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-28 13:26:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-01-05 05:57:43 5500776 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-01-05 05:02:17 3957608 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-01-05 05:02:17 3902312 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-01-04 05:41:01 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-01-04 05:40:54 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-01-04 05:37:01 362496 ----a-w- C:\Windows\System32\wow64win.dll

2013-01-04 05:37:00 243200 ----a-w- C:\Windows\System32\wow64.dll

2013-01-04 05:37:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2013-01-04 05:36:33 215040 ----a-w- C:\Windows\System32\winsrv.dll

2013-01-04 05:33:49 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2013-01-04 05:30:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll

2013-01-04 05:27:03 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

2013-01-04 05:27:02 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

2013-01-04 05:27:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

2013-01-04 05:27:01 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

2013-01-04 05:27:00 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

2013-01-04 05:27:00 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

2013-01-04 05:27:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

2013-01-04 04:51:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-01-04 04:51:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2013-01-04 03:22:49 3150848 ----a-w- C:\Windows\System32\win32k.sys

2013-01-04 03:19:55 338432 ----a-w- C:\Windows\System32\conhost.exe

2013-01-04 02:48:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-01-04 02:48:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-01-04 02:48:34 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-01-04 02:48:33 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-01-04 02:43:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2013-01-04 02:43:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2013-01-04 02:43:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2013-01-04 02:43:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2012-12-16 16:52:02 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-12-16 14:40:45 367616 ----a-w- C:\Windows\System32\atmfd.dll

2012-12-16 14:25:27 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-12-16 14:25:19 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

.

============= FINISH: 19:11:20.87 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 1/29/2011 4:54:09 PM

System Uptime: 3/15/2013 6:45:51 PM (1 hours ago)

.

Motherboard: PEGATRON CORPORATION | | 2A9A

Processor: Intel® Core i3 CPU M 370 @ 2.40GHz | CPU 1 | 2400/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 917 GiB total, 662.13 GiB free.

D: is FIXED (NTFS) - 15 GiB total, 1.782 GiB free.

E: is CDROM ()

F: is Removable

G: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}

Description: Buttons and OSDs ACPI driver gen2

Device ID: ACPI\JAN0100\1010100

Manufacturer: ACPI

Name: Buttons and OSDs ACPI driver gen2

PNP Device ID: ACPI\JAN0100\1010100

Service: ACPIService

.

==== System Restore Points ===================

.

RP218: 3/1/2013 10:10:50 PM - HPSF Restore Point

RP219: 3/9/2013 12:00:02 AM - Scheduled Checkpoint

RP220: 3/14/2013 3:00:26 AM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

ActiveCheck component for HP Active Support Library

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Media Player

Adobe Photoshop CS5

Adobe Photoshop Elements 9

Adobe Photoshop.com Inspiration Browser

Adobe Reader X (10.0.1)

AIM 7

Airport Mania

Akamai NetSession Interface

Akamai NetSession Interface Service

Amazon Kindle

Ancient Hearts

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Aptana Studio 2.0

Audacity 2.0.2

AVerMedia MiniCard Hybrid TV Tuner 1.1.64.55

AVG 2012

Azteca

Bejeweled 2 Deluxe

Bing Bar

Bing Maps 3D

Bob the Builder Can-Do-Zoo

Bonjour

Bounce Symphony

Build-a-lot

Buttons & OSDs control application gen3

calibre

Canon Easy-WebPrint EX

Canon IJ Network Scan Utility

Canon IJ Network Tool

Canon Inkjet Printer/Scanner/Fax Extended Survey Program

Canon MP Navigator EX 3.1

Canon MX340 series MP Drivers

Canon MX340 series User Registration

Canon Speed Dial Utility

Canon Utilities Easy-PhotoPrint EX

Canon Utilities My Printer

Canon Utilities Solution Menu

CCleaner

Chuzzle Deluxe

CinemaNow Media Manager

Corel Paint it! touch - IPM

Coupon Printer for Windows

CouponBar

CyberLink DVD Suite Deluxe

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Diner Dash 2 Restaurant Rescue

DirectX for Managed Code Update (Summer 2004)

Dora's Carnival Adventure

Dora's World Adventure

DVD Menu Pack for HP TouchSmart Video

Elements 9 Organizer

Elements STI Installer

Exact Audio Copy 1.0beta3

Facebook for HP TouchSmart

FATE

Franklin University BlueJ 3.0.0

Gem Shop

Google Calendar Sync

Google Chrome

Google Earth Plug-in

Google Update Helper

HGTV Ultimate Home Design with Landscaping & Decks

HP Advisor

HP AppsCenter 1.00

HP Customer Experience Enhancements

HP Desktop Keyboard

HP Game Console

HP Games

HP MediaSmart CinemaNow 2.0

HP MediaSmart/TouchSmart Netflix

HP Odometer

HP Remote Solution

HP Setup

HP Support Assistant

HP Support Information

HP TouchSmart

HP TouchSmart Background - Beats

HP TouchSmart Browser

HP TouchSmart Calendar

HP TouchSmart Canvas

HP TouchSmart Clock

HP TouchSmart Default Magnets

HP TouchSmart DVD

HP TouchSmart Live TV

HP TouchSmart Music

HP TouchSmart Notes

HP TouchSmart Paint it! by Corel

HP TouchSmart Paint it! by Corel - Content

HP TouchSmart Paint it! by Corel - Core

HP TouchSmart Paint it! by Corel - ICA

HP TouchSmart Paint it! by Corel - Langauge

HP TouchSmart Photo

HP TouchSmart RecipeBox

HP TouchSmart RSS

HP TouchSmart Tutorials

HP TouchSmart Twitter

HP TouchSmart Video

HP TouchSmart Weather

HP TouchSmart Webcam

HP Update

HP Vision Hardware Diagnostics

HPAsset component for HP Active Support Library

Hulu Desktop

iCloud

Intel® Graphics Media Accelerator Driver

Intel® Management Engine Components

Internet TV for Windows Media Center

iTunes

Java Auto Updater

Java 6 Update 23 (64-bit)

Java 6 Update 26

Java SE Development Kit 6 Update 23 (64-bit)

Jewel Quest Solitaire 2

Junk Mail filter update

Kobo

LabelPrint

LAME v3.98.3 for Audacity

LightScribe System Software

Logitech Harmony Remote Software

Mah Jong Medley

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Default Manager

Microsoft Office 2010

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Visio 2010

Microsoft Office Visio MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Touch Pack for Windows 7

Microsoft Visio 2010 Service Pack 1 (SP1)

Microsoft Visio Standard 2010

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft WSE 3.0 Runtime

Microsoft XNA Framework Redistributable 3.0

Microsoft XNA Framework Redistributable 3.1

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

mIRC

Movie Theme Pack for HP TouchSmart Video

Mozilla Firefox 9.0.1 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

PDF Complete Special Edition

PDF Settings CS5

PeerBlock 1.1 (r518)

Penguins!

PhotoNow!

PictureMover

Plants vs. Zombies

PlayReady PC Runtime amd64

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

PressReader

PS3 Media Server

QuickTime

Ralink RT2860 Wireless LAN Card

Realtek High Definition Audio Driver

Recovery Manager

Roxio CinemaNow 2.0

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2760762) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Sid Meier's Civilization 4 Complete

Sid Meier's Civilization IV Colonization

SimCity 4 Deluxe

Simutronics Game Entry

Skip-Bo - Castaway Caper

Skype™ 6.0

Slice Audio File Splitter

Slingo Deluxe

Spotify

Spybot - Search & Destroy

StormFront

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Virtual Villagers - The Secret City

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.9

Where's Waldo The Fantastic Journey

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Center Add-in for Silverlight

WinRAR 4.00 (64-bit)

WinSCP 4.2.1 beta

Zinio Reader 4

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

3/15/2013 6:49:04 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: A device attached to the system is not functioning.

3/15/2013 6:45:12 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

3/15/2013 6:44:35 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

3/15/2013 6:35:06 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

3/15/2013 6:34:41 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

3/15/2013 6:24:09 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

3/15/2013 6:24:09 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

3/12/2013 1:08:32 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.

3/12/2013 1:07:32 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/12/2013 1:07:10 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

.

==== End Of File ===========================

[gringo_pr]

Hello kl212604

Welcome to The Forums!!

Around here they call me Gringo and I'll be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

• 
  
• Please do not run any tools unless instructed to do so.
  
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.

  [*]Please do not attach logs or use code boxes, just copy and paste the text.

  • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
    

  [*]Please read every post completely before doing anything.

  • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
    

  [*]Please provide feedback about your experience as we go.

  • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
  
  

NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

• Download Security Check by screen317 from

here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

• Please download

AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
  
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Delete.
  
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
  
• Please post the content of that logfile with your next answer.
  
• You can find the logfile at C:\AdwCleaner[s1].txt as well.
  

--RogueKiller--

• Download & SAVE to your Desktop RogueKiller or from here
  
  • Quit all programs that you may have started.
    
  • Please disconnect any USB or external drives from the computer before you run this scan!
    
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
    
  • For Windows XP, double-click to start.
    
  • Wait until Prescan has finished ...
    
  • Then Click on "Scan" button
    
  • Wait until the Status box shows "Scan Finished"
    
  • click on "delete"
    
  • Wait until the Status box shows "Deleting Finished"
    
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    
  • The log should be found in RKreport[1].txt on your Desktop
    
  • Exit/Close RogueKiller+
    

Gringo

[gringo_pr]

Hello

48 Hour bump

It has been more than 48 hours since my last post.

• do you still need help with this?
  
• do you need more time?
  
• are you having problems following my instructions?
  
• if after 48hrs you have not replied to this thread then it will have to be closed!
  

Gringo

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!