Unsure how to read my HIJACKTHIS log


The following is from AdwCleaner

# AdwCleaner v2.303 - Logfile created 06/14/2013 at 09:54:48

# Updated 08/06/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : DP - DP-HP

# Boot Mode : Normal

# Running from : C:\Users\DP\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

File Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\searchplugins\Conduit.xml

File Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\searchplugins\SweetIm.xml

File Found : C:\Windows\Tasks\VideoSaver Update.job

Folder Found : C:\Program Files (x86)\Common Files\spigot

Folder Found : C:\Program Files (x86)\Conduit

Folder Found : C:\Program Files (x86)\VideoSaver

Folder Found : C:\ProgramData\WeCareReminder

Folder Found : C:\Users\DP\AppData\Local\Conduit

Folder Found : C:\Users\DP\AppData\Local\Wajam

Folder Found : C:\Users\DP\AppData\LocalLow\boost_interprocess

Folder Found : C:\Users\DP\AppData\LocalLow\Conduit

Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\CT3220468

Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\staged

Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\wecarereminder@bryan

Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\Smartbar

Folder Found : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\SweetPacksToolbarData

Folder Found : C:\Users\DP\AppData\Roaming\registry mechanic

Folder Found : C:\Users\DP\Documents\ShopToWin

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Freecause

Key Found : HKCU\Software\AppDataLow\Software\Search Settings

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\AppDataLow\Software\videosaver

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}

Key Found : HKCU\Software\wecarereminder

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}

Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL

Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}

Key Found : HKLM\Software\Conduit

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\videosaver@videosaver.net

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKU\S-1-5-21-2427946722-528172125-1701966226-1001\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={C12D1993-CD44-11E2-BC1B-AC72897F49A9}

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\prefs.js

File : C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\7kzeohdp.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Users\DP\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [21867 octets] - [14/06/2013 09:54:48]

########## EOF - C:\AdwCleaner[R1].txt - [21928 octets] ##########

The following is a HijackThis log

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 10:01:25 AM, on 6/14/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16490)

CHROME: 27.0.1453.110

FIREFOX: 20.0.1 (en-US)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe

C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\DP\AppData\Roaming\Spotify\spotify.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe

C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE

C:\Users\DP\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\BRS.EXE

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\Downloads\HijackThis (1).exe

C:\Users\DP\Downloads\adwcleaner.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10045&barid={C12D1993-CD44-11E2-BC1B-AC72897F49A9}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost #[iPv6]

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: VideoSaver - {FCA0E497-33D1-4DBE-8FDB-7F9A597C8BC2} - C:\Program Files (x86)\VideoSaver\VideoSaver.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\DP\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [spotify] "C:\Users\DP\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = DP\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: (no name) - {6ED0A312-78F5-493C-A90C-5DAF321D0BF8} - C:\ProgramData\WeCareReminder\IEMenuItem.dll (HKCU)

O9 - Extra 'Tools' menuitem: We-Care Add-on - {6ED0A312-78F5-493C-A90C-5DAF321D0BF8} - C:\ProgramData\WeCareReminder\IEMenuItem.dll (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

O23 - Service: CyberLink Product - 2012/01/16 22:34:22 (CLKMSVC10_38F51D56) - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe

O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\HPTools\platform\windows\cronsvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: RadeonPro Support Service - Mr. John aka japamd - C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: RosettaStoneDaemon - Rosetta Stone Ltd. - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe

O23 - Service: RoxioNow Service - Roxio - C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--

End of file - 20804 bytes


Welcome to the forum.

Run AdwCleaner again and click "Delete".

HJT doesn't work well on W7.......if you're having problems:

please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic:
Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive.

<+> Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+> The removal of malware isn't instantaneous, please be patient.

<+> Please stick with me until I give you the "all clear" and please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


##########################

ATTACH -

########################

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 10/13/2011 4:23:40 PM

System Uptime: 6/14/2013 11:10:37 AM (3 hours ago)

.

Motherboard: Hewlett-Packard | | 3389

Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU1 | 2201/1600mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 917 GiB total, 687.589 GiB free.

D: is FIXED (NTFS) - 15 GiB total, 1.612 GiB free.

E: is CDROM ()

F: is FIXED (FAT32) - 0 GiB total, 0.082 GiB free.

G: is CDROM (CDFS)

H: is CDROM ()

I: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP198: 6/13/2013 3:00:13 AM - Windows Update

RP199: 6/13/2013 12:37:31 PM - Installed Microsoft Fix it 50756

RP200: 6/14/2013 3:04:35 AM - Removed Typing Instructor Platinum.

.

==== Hosts File Hijack ======================

.

Hosts: 127.0.0.1 ads.mcafee.com

Hosts: 127.0.0.1 analytics.microsoft.com

Hosts: 127.0.0.1 metrics.bitdefender.com

Hosts: 127.0.0.1 metrics.mcafee.com

Hosts: 127.0.0.1 om.symantec.com

Hosts: 127.0.0.1 ox-d.majorgeeks.com

Hosts: 127.0.0.1 ads.bleepingcomputer.com

Hosts: 127.0.0.1 wdcs.trendmicro.com

.

==== Installed Programs ======================

.

AceReader Pro Deluxe Plus

ActiveState Komodo Edit 7.0.2

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe AIR

Adobe Dreamweaver CS6

Adobe Fireworks CS6

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Flash Professional CS6

Adobe Help Manager

Adobe Illustrator CS6

Adobe InDesign CS6

Adobe Muse

Adobe Photoshop CS6

Adobe Reader X (10.1.4) MUI

Adobe Shockwave Player 11.5

Adobe Widget Browser

Advanced SystemCare 6

Agatha Christie - Peril at End House

AMD APP SDK Runtime

AMD Catalyst Install Manager

ASPCA Reminder by We-Care.com v4.1.22.1

AuthenTec TrueAPI

avast! Free Antivirus

Bejeweled 2 Deluxe

Bejeweled 3

Blackhawk Striker 2

Blasterball 3

Blio

Bounce Symphony

Build-a-lot 2

Business Plan Pro 15th Anniversary Edition

Cake Mania

Camtasia Studio 8

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner Professional

CDDRV_Installer

Chuzzle Deluxe

Combined Community Codec Pack 2013-04-20

Counter-Strike

Counter-Strike: Global Offensive Beta

Counter-Strike: Source Beta

CyberLink PowerDVD

CyberLink YouCam

D3DX10

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

DHTML Editing Component

Diablo III

Diner Dash 2 Restaurant Rescue

DivX Setup

Dora's World Adventure

Dota 2

Dota 2 Test

Dropbox

DVD Flick 1.3.0.7

Energy Star Digital Logo

erLT

ESU for Microsoft Windows 7

Evernote v. 4.2.2

Facebook Video Calling 1.2.0.287

Farm Frenzy

FATE - The Traitor Soul

FileZilla Client 3.5.3

Fraps v3.5.99 Build 15618

Game Booster 3

GOM Player

Google Chrome

Google Drive

Google Earth

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.1.1

HP 3D DriveGuard

HP Auto

HP Client Services

HP Connection Manager

HP Customer Experience Enhancements

HP Documentation

HP Games

HP MovieStore

HP On Screen Display

HP Power Manager

HP Product Detection

HP Quick Launch

HP Setup

HP Setup Manager

HP SimplePass 2011

HP Software Framework

HP Support Assistant

IDT Audio

Intel PROSet Wireless

Intel® Control Center

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® Processor ID Utility

Intel® PROSet/Wireless for Bluetooth® + High Speed

Intel® PROSet/Wireless Software for Bluetooth® Technology

Intel® Rapid Storage Technology

Intel® Wireless Display

Intel® PROSet/Wireless WiFi Software

IZArc 4.1.6

Java 7 Update 21

Java Auto Updater

Java 6 Update 22

Java 6 Update 24 (64-bit)

Java 6 Update 32

JavaFX 2.1.0

Junk Mail filter update

KhalInstallWrapper

Logitech SetPoint

Mah Jong Medley

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft IntelliPoint 8.2

Microsoft Mathematics (64-bit)

Microsoft Mathematics Add-in (64-bit)

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Mozilla Firefox 20.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 4.0 SP3 Parser

Mumble 1.2.3

Mystery P.I. - Stolen in San Francisco

Namco All-Stars PAC-MAN

NaturalReaderFree

Notepad++

OpenOffice.org 3.3

PDF Settings CS6

Penguins!

Perfect Photo Suite 7.1.1

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

PowerStrip 3 (remove only)

puush

PX Profile Update

RadeonPro 1.0 (Build 1.1.0.6)

Real Alternative 1.8.0

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek PCIE Card Reader

Recovery Manager

Renesas Electronics USB 3.0 Host Controller Driver

Rosetta Stone Ltd Services

Rosetta Stone TOTALe

RoxioNow Player

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687422) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition

Service Installer II

Skype™ 6.1

Slingo Supreme

Smart Defrag 2

Spotify

StarCraft II

Steam

Synaptics TouchPad Driver

System Requirements Lab CYRI

System Requirements Lab for Intel

TeamViewer 8

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition

Update Installer for WildTangent Games App

Validity WBF DDK

VC80CRTRedist - 8.0.50727.6195

Ventrilo Client

Ventrilo Client for Windows x64

Vertus Fluid Mask 3 3.2.5

Virtual Villagers 4 - The Tree of Life

VLC media player 2.0.6

Web CEO 9.0

Wheel of Fortune 2

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinWay Resume Deluxe

WinZip Pro 17.5 Build 10480 (64bit)

Xara Web Designer 7 Premium

Xara Web Designer 7 Premium Content Pack

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

6/8/2013 12:09:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

6/8/2013 12:09:11 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

6/8/2013 12:09:11 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.

6/7/2013 12:12:14 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

6/7/2013 12:12:14 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

6/14/2013 11:13:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

6/14/2013 11:11:32 AM, Error: Application Popup [1060] - \SystemRoot\system32\DRIVERS\hidusbf.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

6/12/2013 12:47:13 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

6/12/2013 12:47:13 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

#################################################################

DDS

########################################################

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16490 BrowserJavaVersion: 10.21.2

Run by DP at 14:27:11 on 2013-06-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16332.11994 [GMT -7:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe

C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k WbioSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\HPTools\platform\windows\cronsvc.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Logitech\SetPoint\LBTWiz.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\DP\AppData\Roaming\Spotify\spotify.exe

C:\Windows\System32\StikyNot.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE

C:\Users\DP\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

C:\Windows\SysWOW64\nlssrv32.exe

C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe

C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\PROGRAM FILES (X86)\CYBERLINK\SHARED FILES\BRS.EXE

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\DP\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

uRun: [Google Update] "C:\Users\DP\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [spotify Web Helper] "C:\Users\DP\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [spotify] "C:\Users\DP\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

uRun: [AdobeBridge] <no file>

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\DP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\DP\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINZIP~1.LNK - C:\Program Files\1-click run\WinZip Pro 17.5 Build 10480 (64bit)\WZQKPICK32.EXE

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\141413 : DHCPNameServer = 68.190.192.35 71.9.127.107

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\141423 : DHCPNameServer = 68.190.192.35 71.9.127.107

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\161663 : DHCPNameServer = 68.190.192.35 71.9.127.107

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\342455 : DHCPNameServer = 4.2.2.1 8.8.8.8

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\5463 : DHCPNameServer = 68.190.192.35 71.9.127.107

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\5683 : DHCPNameServer = 68.190.192.35 71.9.127.107

TCP: Interfaces\{54296D01-1420-45DC-B721-3CB375E8D74A}\A565437424 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E717900E-CB9C-4BC0-A7E8-BA5ECF551797} : DHCPNameServer = 68.190.192.35 71.9.127.107

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

x64-Run: [bluetooth Connection Assistant] LBTWIZ.EXE -silent

x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

Hosts: 127.0.0.1 ads.mcafee.com

Hosts: 127.0.0.1 analytics.microsoft.com

Hosts: 127.0.0.1 metrics.bitdefender.com

Hosts: 127.0.0.1 metrics.mcafee.com

Hosts: 127.0.0.1 om.symantec.com

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\DP\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\DP\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\np-mswmp.dll

FF - plugin: C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\plugins\npConduitFirefoxPlugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-05-19 14:05; ascsurfingprotection@iobit.com; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\ascsurfingprotection@iobit.com

FF - ExtSQL: 2013-05-19 16:19; mozilla_cc@internetdownloadmanager.com; C:\Users\DP\AppData\Roaming\IDM\idmmzcc5

FF - ExtSQL: 2013-05-19 19:07; web2pdfextension@web2pdf.adobedotcom; C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF - ExtSQL: 2013-06-04 11:30; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

FF - ExtSQL: 2013-06-08 11:16; videosaver@videosaver.net; C:\Program Files (x86)\VideoSaver\FF

FF - ExtSQL: 2013-06-14 01:28; wecarereminder@bryan; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\wecarereminder@bryan

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-19 65336]

R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-19 189936]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-5-19 17720]

R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-5-19 1025808]

R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-5-19 378432]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-8-13 283200]

R1 PStrip64;PStrip64;C:\Windows\System32\drivers\pstrip64.sys [2011-11-15 13008]

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-5-19 574272]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-11-25 89600]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-6-2 204288]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-3-1 659976]

R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-5-19 33400]

R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-5-19 80816]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-19 46808]

R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]

R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-3-8 135952]

R2 CronService;Cron Service for Prey;C:\HPTools\platform\windows\cronsvc.exe [2013-5-8 23552]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-17 265544]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-7-11 26680]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-5 13592]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-11-25 2413056]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-28 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-24 701512]

R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2013-5-19 71280]

R2 RadeonPro Support Service;RadeonPro Support Service;C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2012-7-20 12800]

R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2011-3-31 1646056]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]

R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-5-19 3574624]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-5 2656280]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-4-17 2671376]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]

R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]

R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-8-29 53760]

R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-10-10 288768]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]

R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-10-11 59904]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-5 317440]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-6-2 12289472]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-2-24 25928]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-11-25 91648]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-11-25 208896]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-9-5 338536]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-9-5 428136]

R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-2-16 42392]

S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/01/16 22:34:22;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-2-24 241648]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-3-1 195584]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;C:\Windows\System32\drivers\hidusbf.sys [2006-11-8 4096]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-4-17 273168]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-15 1255736]

S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2013-5-19 14544]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"

ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"

.

=============== Created Last 30 ================

.

2013-06-13 19:41:56 -------- d-----w- C:\ProgramData\MAGIX

2013-06-13 19:41:55 -------- d-----w- C:\Users\DP\AppData\Roaming\MAGIX

2013-06-13 19:40:57 -------- d-----w- C:\Users\DP\AppData\Local\Xara

2013-06-13 19:40:29 -------- d-----w- C:\ProgramData\Xara

2013-06-13 19:40:29 -------- d-----w- C:\Program Files (x86)\Xara

2013-06-12 19:49:51 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-07 06:56:53 -------- d-----w- C:\Windows\Downloaded Installations

2013-06-04 18:30:26 -------- d-----w- C:\Program Files (x86)\pazera-software

2013-06-04 18:24:52 -------- d-----w- C:\Program Files (x86)\MyPC Backup

2013-06-04 18:24:42 33958 ----a-w- C:\ProgramData\uninstaller.exe

2013-06-04 18:23:44 -------- d--h--w- C:\ProgramData\Common Files

2013-05-22 15:21:06 4325376 ----a-w- C:\ProgramData\ReadOnlyInstaller.msi

2013-05-20 04:13:49 26432 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe

2013-05-20 03:46:07 -------- d-----w- C:\Users\DP\AppData\Local\Business Plan Pro Samples

2013-05-20 03:43:27 -------- d-----w- C:\Users\DP\AppData\Local\IsolatedStorage

2013-05-20 03:41:58 -------- d-----w- C:\ProgramData\IsolatedStorage

2013-05-20 03:41:52 -------- d-----w- C:\Users\DP\AppData\Roaming\bppenu11

2013-05-20 03:41:52 -------- d-----w- C:\Users\DP\AppData\Local\Palo_Alto_Software

2013-05-20 03:39:23 -------- d-----w- C:\Program Files (x86)\Business Plan Pro

2013-05-20 03:38:00 -------- d-----w- C:\Users\DP\AppData\Local\Downloaded Installations

2013-05-20 03:35:26 453632 ----a-w- C:\Windows\SysWow64\stdvcl40.dll

2013-05-20 03:35:25 -------- d-----w- C:\Users\DP\AppData\Local\Web CEO

2013-05-20 03:11:22 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat

2013-05-20 03:10:16 -------- d-----w- C:\HPTools

2013-05-20 02:53:45 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-05-20 02:51:30 -------- d-----w- C:\Program Files\Microsoft Mathematics Add-in

2013-05-20 02:49:55 -------- d-----w- C:\Program Files\Microsoft Mathematics

2013-05-20 02:39:26 -------- d-----w- C:\Users\DP\AppData\Roaming\QFX Software

2013-05-20 02:39:26 -------- d-----w- C:\ProgramData\QFX Software

2013-05-20 02:07:14 -------- d-----w- C:\Users\DP\AppData\Local\TechSmith

2013-05-20 02:03:53 -------- d-----w- C:\Users\DP\AppData\Roaming\TechSmith

2013-05-20 01:58:16 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared

2013-05-20 01:56:17 -------- d-----w- C:\ProgramData\ALM

2013-05-20 01:53:56 -------- d-----w- C:\Users\DP\AppData\Roaming\WinWay

2013-05-20 01:52:51 -------- d-----w- C:\Program Files (x86)\WinWay Resume

2013-05-20 01:46:49 -------- d-----w- C:\Program Files (x86)\Portable

2013-05-20 01:36:39 -------- d-----w- C:\Users\DP\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2013-05-20 01:26:40 -------- d-----w- C:\Users\DP\AppData\Local\WinZip

2013-05-20 01:23:07 -------- d-----w- C:\ProgramData\Nalpeiron

2013-05-20 01:22:16 -------- d-----w- C:\Users\DP\AppData\Roaming\onOne Software

2013-05-20 01:19:44 71280 ----a-w- C:\Windows\SysWow64\nlssrv32.exe

2013-05-20 01:19:44 -------- d-----w- C:\Program Files\onOne Software

2013-05-20 01:19:41 71280 ----a-w- C:\Windows\System32\nlssrv32.exe

2013-05-20 01:19:41 -------- d-----w- C:\Windows\SysWow64\spool

2013-05-20 01:19:41 -------- d-----w- C:\Program Files (x86)\onOne Software

2013-05-20 01:19:27 -------- d-----w- C:\ProgramData\onOne Software

2013-05-20 01:12:32 -------- d-----w- C:\Program Files\1-click run

2013-05-20 01:08:20 -------- d-----w- C:\ProgramData\Individual Software

2013-05-20 01:08:20 -------- d-----w- C:\Program Files (x86)\Individual Software

2013-05-20 01:00:46 -------- dc-h--w- C:\ProgramData\{70E22094-D034-40C3-89F7-AA970A0C0232}

2013-05-20 00:59:36 -------- d-----w- C:\Program Files (x86)\Vertus Fluid Mask 3

2013-05-20 00:41:57 -------- d-----w- C:\Windows\AutoKMS

2013-05-20 00:33:00 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2013-05-20 00:31:33 -------- d-----w- C:\Windows\PCHEALTH

2013-05-20 00:31:33 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2013-05-20 00:30:00 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2013-05-20 00:29:14 -------- d-----w- C:\Program Files\Microsoft Analysis Services

2013-05-20 00:29:14 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2013-05-20 00:29:05 -------- d-----w- C:\Windows\SHELLNEW

2013-05-20 00:28:40 -------- d-----w- C:\Users\DP\AppData\Local\Microsoft Help

2013-05-20 00:21:37 -------- d-----w- C:\Users\DP\AppData\Roaming\TeamViewer

2013-05-20 00:13:33 -------- d-----w- C:\ProgramData\CrypKey

2013-05-20 00:12:07 30272 ----a-w- C:\Windows\System32\Ckldrv.sys

2013-05-20 00:12:07 165888 ----a-r- C:\Windows\Ckconfig.exe

2013-05-20 00:12:07 126976 ----a-w- C:\Windows\System32\Crypserv.exe

2013-05-20 00:11:58 -------- d-----w- C:\ProgramData\AceReader Pro Deluxe Plus

2013-05-20 00:11:58 -------- d-----w- C:\Program Files (x86)\AceReader Pro Deluxe Plus

2013-05-19 23:33:11 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-05-19 23:33:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-05-19 23:27:02 -------- d-----w- C:\Program Files (x86)\VideoLAN

2013-05-19 23:26:31 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack

2013-05-19 23:19:18 -------- d-----w- C:\Users\DP\AppData\Roaming\DMCache

2013-05-19 23:19:18 -------- d-----w- C:\ProgramData\IDM

2013-05-19 23:19:13 -------- d-----w- C:\Program Files (x86)\Internet Download Manager

2013-05-19 23:06:19 32600 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe

2013-05-19 23:06:10 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys

2013-05-19 22:53:31 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2013-05-19 22:53:29 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-05-19 22:53:23 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-05-19 22:52:55 41664 ----a-w- C:\Windows\avastSS.scr

2013-05-19 22:52:46 -------- d-----w- C:\ProgramData\AVAST Software

2013-05-19 22:52:46 -------- d-----w- C:\Program Files\AVAST Software

2013-05-19 22:50:50 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

2013-05-19 22:50:47 -------- d-----w- C:\ProgramData\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}

2013-05-19 22:50:20 -------- d-----w- C:\Users\DP\AppData\Roaming\IObit

2013-05-19 22:50:16 -------- d-----w- C:\ProgramData\IObit

2013-05-19 22:50:16 -------- d-----w- C:\Program Files (x86)\IObit

2013-05-19 22:13:49 -------- d-----w- C:\Users\DP\AppData\Roaming\uTorrent

2013-05-19 22:07:00 -------- d-----w- C:\Program Files (x86)\TeamViewer

2013-05-19 08:55:49 -------- d-----w- C:\Users\DP\AppData\Roaming\com.adobe.WidgetBrowser

2013-05-19 03:26:07 -------- d-----w- C:\Users\DP\AppData\Roaming\PDAppFlex

2013-05-16 06:14:57 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2013-05-16 06:14:18 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2013-05-16 06:13:48 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2013-05-16 06:13:44 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

.

==================== Find3M ====================

.

2013-06-12 21:09:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-12 21:09:10 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-20 02:53:36 866720 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-05-20 02:53:36 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-04-04 21:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:53:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-03-19 05:53:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

.

============= FINISH: 14:27:54.19 ===============


##########################

ROGUE KILLER REPORT

##########################

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : DP [Admin rights]

Mode : Scan -- Date : 06/14/2013 14:35:02

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost #[iPv6]

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1059GSM +++++

--- User ---

[MBR] 3df9bb0eb4101d9d8825ee7f7d8eaec8

[bSP] 139f9342507d5f69d78b8d4d1cc64ad7 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 938710 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1922887680 | Size: 14856 Mo

3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1953312768 | Size: 102 Mo

User = LL1 ... OK!

User != LL2 ... KO!

--- LL2 ---

[MBR] e9db50b585bb6053fe928f1845a2075a

[bSP] 139f9342507d5f69d78b8d4d1cc64ad7 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo

1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[1]_S_06142013_02d1435.txt >>


This is still in the log; AdwCleaner should have deleted it:

SweetIM Toolbar for Firefox

http://www.systemloo...C79847_xpi.html

FF - ExtSQL: 2013-06-04 11:30; {EEE6C361-6118-11DC-9C72-001320C79847}; C:\Users\DP\AppData\Roaming\Mozilla\Firefox\Profiles\y4ft3z1m.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

Grab a fresh copy of AdwCleaner and run it again, see if it picks it up this time.

MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
