Need to get rid of this virus //WindowsCaptcha Run Dll Made by this Bill103.exe


Please help me get rid of //WindowsCaptcha Run Dll Made by this Bill103.exe

 

Logs:

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume2
Install Date: 12/22/2009 6:24:07 PM
System Uptime: 8/29/2013 9:35:14 AM (25 hours ago)
.
Motherboard: Dell Inc. |  | 0G848F
Processor: Intel® Core2 Duo CPU     T6400  @ 2.00GHz | Microprocessor | 1200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 293 GiB total, 101.329 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1091: 8/23/2013 4:29:02 AM - Scheduled Checkpoint
RP1092: 8/29/2013 7:42:19 AM - Windows Update
RP1093: 8/29/2013 8:58:44 AM - Garmin Express
RP1094: 8/29/2013 9:03:23 AM - Garmin Express
RP1095: 8/29/2013 3:00:34 PM - Garmin Express
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Add to Wish List IE Extension 1.2
Amazon Kindle
Amazon MP3 Downloader 1.0.12
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
AudioPerformer
avast! Internet Security
AVS Audio Converter version 6.2
AVS Audio Recorder version 4.0
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
Belarc Advisor 8.2
Bing Desktop
BlackBerry Desktop Software 7.1
BlackBerry Device Software Updater
Bonjour
BounceBack Ultimate
CAM UnZip 4.5
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Inkjet Printer Driver Add-On Module
Canon MF4600 Series
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Utilities CameraWindow DC 8
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Carbonite
CCleaner
CDBurnerXP
Cisco WebEx Meetings
Citrix Online Launcher
ClipMate 7
Compatibility Pack for the 2007 Office system
CraigsList Reader Pro by CraigsPal 4.7.7
Dashlane
Data Lifeguard Diagnostic for Windows 1.22
Dell Driver Download Manager
Dell System Detect
DFX
DFX for RealPlayer
DisplayLink Core Software
DisplayLink Graphics
Download Updater (AOL LLC)
Dropbox
Duplicate Cleaner 2.1b
DVD Shrink 3.2
EaseUS Todo Backup Free 5.3
Elevated Installer
Express Burn
Express Dictate
FastFox
File Type Assistant
FlipShare
Free CD to MP3 Converter
Free Mp3 Wma Converter V 1.9
Free Sound Recorder v9.2.7
FreeRIP v3.61
FreeSoundRecorder Toolbar
Garmin City Navigator North America NT 2012.10 Update
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Garmin Lifetime Updater
Garmin Update Service
Garmin USB Drivers
Garmin WebUpdater
GIMP 2.8.0
GoodSync
Google Chrome
Google Drive
Google Earth
Google Earth Free Download Packages
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
GoToMeeting 5.5.0.1132
GreenPrint
Hamster Free EbookConverter
HitmanPro 3.7
iCloud
InstallIQ Updater
Intel® Rapid Storage Technology
Internet TV for Windows Media Center
iolo technologies' System Mechanic Professional
iPrint
Itibiti RTC
iTunes
iTunes Free Download Packages
IZArc 4.1.1
Java 7 Update 25
Java 7 Update 25 (64-bit)
Java Auto Updater
Java 6 Update 45
Java 6 Update 45 (64-bit)
JBidwatcher 2.5.2
JBidwatcher 2.5.3pre3
Jewish Time 9
K-Lite Codec Pack 7.9.0 (Full)
LAME v3.98.3 for Audacity
Malwarebytes Anti-Malware version 1.75.0.1300
Max Recorder
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
MobileMe Control Panel
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NCH Toolbox
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnLite 10
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Parrot Software Update Tool
PDF-Viewer
PDF-XChange 2012 Pro
Picasa 3
Pixillion Image Converter
Prism Video File Converter
QuickTime
RealConverter Free Download Packages
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Revo Uninstaller 1.94
RoboForm 7-9-0-0 (All Users)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Skype™ 6.0
SoundTap Streaming Audio Recorder
Switch Sound File Converter
swMSM
Synaptics Pointing Device Driver
System Mechanic 11 Professional
TouchFreeze
TreeSize Free V2.7
Type Pilot
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
VideoPad Video Editor
VideoPerformer
VLC media player 2.0.7
vShare Plugin
WavePad Sound Editor
WD SmartWare
Winamp
Winamp Detector Plug-in
Winamp Toolbar
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Media Center Add-in for Flash
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
8/30/2013 6:26:39 AM, Error: Virtual Disk Service [9]  - Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014
8/29/2013 9:39:36 AM, Error: Service Control Manager [7023]  - The Microsoft Antimalware Service service terminated with the following error:  %%-2147017840
8/29/2013 9:37:59 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
8/29/2013 9:37:42 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  FileDisk
8/29/2013 9:36:23 AM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Network Inspection System   Error Code: 0x80070422   Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.   Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.
8/29/2013 7:31:00 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error:  An instance of the service is already running.
8/29/2013 7:30:00 PM, Error: Service Control Manager [7031]  - The CarboniteService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
8/29/2013 7:29:17 AM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Network Inspection System   Error Code: 0x80070422   Error description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.   Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.
8/23/2013 3:23:01 AM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
.
==== End Of File ===========================
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.25.2
Run by Michael at 10:51:22 on 2013-08-30
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.4056.1127 [GMT -7:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\CMS Products\BounceBack Ultimate\BBWatcherService.exe
C:\Program Files (x86)\CMS Products\BounceBack Ultimate\CMSITService.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\GreenPrint\GPSRHT01.exe
C:\Program Files\GreenPrint\GPSRDG01.exe
C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe
C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\ClipMate7\ClipMate.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Michael\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
C:\Program Files (x86)\NCH Software\FastFox\fastfox.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\DFX\DFX.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\NCH Software\FastFox\fastfox64.exe
C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\AVAST Software\Avast\sfzone\SafeZoneBrowser.exe
C:\Program Files\AVAST Software\Avast\sfzone\SafeZoneBrowser.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Real\realplayer\update\realsched.exe
C:\Windows\explorer.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Roaming\Dashlane\Dashlane.exe
C:\Windows\splwow64.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
mURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll
BHO: Dashlane BHO: {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\Michael\AppData\Roaming\Dashlane\ie\Dashlanei.dll
BHO: PDFXChange 2012: {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\prxtbFree.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: PDFXChange 2012: {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Dashlane Toolbar: {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Michael\AppData\Roaming\Dashlane\ie\KWIEBar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Google Update] "C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Akamai NetSession Interface] "C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe"
uRun: [ClipMate7] C:\Program Files (x86)\ClipMate7\ClipMate.exe
uRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uRun: [Dashlane] "C:\Users\Michael\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [TouchFreeze] C:\Users\Michael\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [FastFox] "C:\Program Files (x86)\NCH Software\FastFox\fastfox.exe" -logon
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DFX] C:\Program Files (x86)\DFX\DFX.exe -startup
mRun: [TkBellExe] "C:\Program Files (x86)\Real\realplayer\update\realsched.exe"  -osboot
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [sMRequiresRestart] <no file>
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CRAIGS~1.LNK - C:\Program Files (x86)\CraigsList Reader Pro by CraigsPal\craigspal-memb-run-auto.exe
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm TaskBar Icon - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F51} - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm
Trusted Zone: dell.com
TCP: Interfaces\{F3E89B71-A2D8-446B-A43A-0A8C48B49F43}\24F696E676F60284F6473707F647 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{F3E89B71-A2D8-446B-A43A-0A8C48B49F43}\35167696474716D23356D656025447167656 : DHCPNameServer = 195.186.1.162 195.186.4.162
TCP: Interfaces\{F3E89B71-A2D8-446B-A43A-0A8C48B49F43}\76F676F696E666C696768647 : DHCPNameServer = 172.19.134.2
TCP: Interfaces\{F3E89B71-A2D8-446B-A43A-0A8C48B49F43}\D49636861656C60264279656E646F5548545 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F3E89B71-A2D8-446B-A43A-0A8C48B49F43}\D49636861656C664279656E646 : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - <orphaned>
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: &ClipMate ClipBar v7.5: {F60C63CE-52AF-4915-AAC9-F100FCDE270F} - C:\Program Files (x86)\ClipMate7\ClipMateDeskBand.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F51} - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - <orphaned>
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\7m1ri5ku.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Michael\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Users\Michael\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: extentions.webcake.installId - 4ca1fa77-1709-4dfe-839d-aa4f144e179a
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-11-25 22600]
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2012-12-21 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2012-12-21 270824]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-13 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-13 189936]
R0 dlkmdldr;dlkmdldr;C:\Windows\System32\drivers\dlkmdldr.sys [2011-1-11 13936]
R0 EUBAKUP;EUBAKUP;C:\Windows\System32\drivers\eubakup.sys [2012-11-26 58952]
R0 EUBKMON;EUBKMON;C:\Windows\System32\drivers\EUBKMON.sys [2012-11-26 48200]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2012-12-21 131232]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-25 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-25 378944]
R1 ElRawDisk;ElRawDisk;C:\Windows\System32\drivers\ElRawDsk.sys [2012-5-21 31432]
R1 EUDSKACS;EUDSKACS;C:\Windows\System32\drivers\eudskacs.sys [2012-11-26 18504]
R1 EUFDDISK;EUFDDISK;C:\Windows\System32\drivers\EuFdDisk.sys [2012-11-26 189000]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-6-18 189440]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-25 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-25 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-19 46808]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-5-19 137960]
R2 BBWatcherService;BBWatcherService;C:\Program Files (x86)\CMS Products\BounceBack Ultimate\BBWatcherService.exe [2010-4-27 57344]
R2 CMSITService;BounceBack ITConsole Service;C:\Program Files (x86)\CMS Products\BounceBack Ultimate\CMSITService.exe [2010-4-27 40960]
R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-11-26 69192]
R2 PDFsFilter;PDFsFilter;C:\Windows\System32\drivers\PDFsFilter.sys [2012-8-1 82160]
R3 DFX11_1;DFX Audio Enhancer 11.1;C:\Windows\System32\drivers\dfx11_1x64.sys [2012-12-13 28008]
R3 dlkmd;dlkmd;C:\Windows\System32\drivers\dlkmd.sys [2011-1-11 194672]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-10 25928]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2009-6-18 40832]
R3 NCHVSC64;SoundTap Recorder (64 Bit);C:\Windows\System32\drivers\nchvsc64.sys [2010-1-20 58936]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-4-4 215552]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\System32\drivers\DisplayLinkUsbPort_5.3.25973.0.sys [2011-1-11 17408]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\System32\drivers\ivusb.sys [2009-7-24 29720]
S3 libusb0;LibUsb-Win32 - Kernel Driver 09/17/2010, 1.2.1.0;C:\Windows\System32\drivers\libusb0.sys [2010-11-6 42944]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 84864]
S3 optousb;OPTO ELECTRONICS optousb;C:\Windows\System32\drivers\optousb.sys [2010-3-24 27264]
S3 optovcm;OPTO ELECTRONICS optovcm;C:\Windows\System32\drivers\optovcm.sys [2010-3-24 34304]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-3-30 151656]
S4 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2010-6-29 9369448]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile=NOTEPAD.EXE "%1"
FileExt: .vbs: VBSFile=NOTEPAD.EXE "%1"
FileExt: .js: JSFile=NOTEPAD.EXE "%1"
FileExt: .jse: JSEFile=NOTEPAD.EXE "%1"
FileExt: .wsf: WSFFile=NOTEPAD.EXE "%1"
ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"
.
=============== Created Last 30 ================
.
2013-08-30 17:45:37 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F327F63-812B-4684-B0EF-9545BF570EDC}\offreg.dll
2013-08-30 10:36:41 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F327F63-812B-4684-B0EF-9545BF570EDC}\mpengine.dll
2013-08-15 03:10:12 -------- d-----w- C:\Windows\System32\MRT
2013-08-14 22:35:24 -------- d-----w- C:\Program Files\HitmanPro
2013-08-14 22:35:08 -------- d-----w- C:\ProgramData\HitmanPro
2013-08-14 22:22:43 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-08-14 22:22:36 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-08-14 22:22:35 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-08-14 22:22:34 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-08-14 22:22:34 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-08-14 22:22:33 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-08-14 22:22:32 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-08-14 22:22:30 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-08-14 22:22:30 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-08-14 22:20:31 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-08-14 22:20:30 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-08-14 22:20:21 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-14 22:20:19 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-14 22:20:18 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-14 22:20:17 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-14 22:20:16 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-14 22:20:15 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-14 22:20:12 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-14 22:20:05 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-14 22:20:05 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-14 22:20:05 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-14 22:20:04 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-14 22:19:44 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-08-14 22:12:37 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-08-14 22:12:37 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-08-14 22:12:36 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-08-14 22:12:35 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-08-14 22:12:34 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-08-14 22:12:28 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-08-14 21:14:24 -------- d-----w- C:\Program Files (x86)\GUM56C6.tmp
2013-08-14 21:14:22 -------- d-----w- C:\Program Files (x86)\GUM51F6.tmp
.
==================== Find3M  ====================
.
2013-08-16 14:04:41 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-16 14:04:41 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-02 13:28:42 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-02 13:28:39 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-02 13:28:39 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-02 13:18:59 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-02 13:18:49 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-07-02 13:18:49 1093032 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-07-02 13:03:03 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-07-02 13:03:03 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-07-02 03:27:15 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-27 20:52:21 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-06-27 20:52:21 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
.
============= FINISH: 10:52:49.39 ===============
 

 


Hello mafriend and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Step 1

Please uninstall the following applications:

FreeSoundRecorder Toolbar

vShare Plugin

Winamp Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

Step 4

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

