[[Template core/front/global/favico is throwing an error. This theme may be out of date. Run the support tool in the AdminCP to restore the default theme.]] Jump to content

PUP.OPTIONAL.SMARTBAR can't be removed.


rudydieci

Recommended Posts

hello, I hope you can help me with this problem;  I have read the topic posted on august 10, 2013 named "PUP.Optional never removed" and wonder whether I could follow the same procedure suggested there and Post the results. It's more than one month that I have tried to get rid of it but when I run the scan after a few days the Malware appears again.  Thank you for any help you can provide.  Rudy 

Link to post
Share on other sites

Hello Rudy and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Hello Borislav, thanks so much for your availability.  I have unistalled utorrent and I don't think there are any other similar program in my computer.  These are the two logs:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16506  BrowserJavaVersion: 10.25.2
Run by rudy at 20:57:36 on 2013-09-26
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.39.1040.18.3069.1579 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_175_ActiveX.exe
C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.

uWindow Title = Internet Explorer fornito da Dell
uSearch Bar = Preserve

uURLSearchHooks: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - <orphaned>
dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
dURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Aimersoft Video Converter Ultimate: {54F73992-6549-4369-9A0D-84FD310A464A} - c:\program files\aimersoft\video converter ultimate\SVRIEPlugin.dll
BHO: {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [sigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [browserPlugInHelper] c:\program files\aimersoft\video converter ultimate\BrowserPlugInHelper.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveAutorun = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.





TCP: NameServer = 192.168.1.1
TCP: Interfaces\{237F57E0-A3A6-499D-8B0E-18AA589254EA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4AFD4609-F47A-47AF-92F6-01FF3EB7706E} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{5624BEEE-17E8-426E-B9E7-227C171FE167} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\browserprotect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll c:\progra~1\google\google~2\goec62~1.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-4 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-4 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-14 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-14 369584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-4-21 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-14 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-14 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-14 46808]
R2 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-15 21504]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-9-26 40776]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9dd03a9509489;Servizio di Google Update (gupdate1c9dd03a9509489);c:\program files\google\update\GoogleUpdate.exe [2009-5-25 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-19 30192]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [2008-12-22 39048]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2012-11-8 174176]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
FileExt: .reg: regfile=regedit.exe "%1" [userChoice]
.
=============== Created Last 30 ================
.
2013-09-26 18:35:35 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-26 17:50:58 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{31177ea9-3749-46cc-976b-3bcf256ae62f}\offreg.dll
2013-09-24 16:47:33 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{31177ea9-3749-46cc-976b-3bcf256ae62f}\mpengine.dll
2013-09-13 13:04:37 -------- d-----w- c:\program files\iMesh
2013-09-11 17:08:04 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-11 17:08:03 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-08-29 20:24:31 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-29 13:22:48 -------- d-----w- c:\windows\system32\MRT
2013-08-29 13:14:06 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-29 13:13:34 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-29 13:13:34 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 13:13:33 1205168 ----a-w- c:\windows\system32\ntdll.dll
.
==================== Find3M  ====================
.
2013-09-26 17:52:21 3969 ----a-w- c:\windows\t1vtplot.dll
2013-09-26 17:52:21 3396 ----a-w- c:\windows\system32\xnvtt1~3.dll
2013-09-19 20:12:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 20:12:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-29 20:24:16 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-08-29 20:24:16 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-07 02:22:04 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-31 10:00:20 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-07-31 09:52:44 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-07-31 09:52:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-31 09:48:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-31 09:48:09 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-07-31 09:45:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-17 19:41:34 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47:00 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-08 04:20:04 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16:55 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16:54 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53:33 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-04-16 06:39:58 17884459 ----a-w- c:\program files\klmcodec390.exe
.
============= FINISH: 20.58.23,00 ===============

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 19/04/2008 10.43.35
System Uptime: 26/09/2013 19.17.59 (1 hours ago)
.
Motherboard: Dell Inc. |  |      
Processor: Intel® Core2 Duo CPU     T8300  @ 2.40GHz | Microprocessor | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 89,027 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5,729 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1511: 03/09/2013 18.35.56 - Windows Update
RP1512: 08/09/2013 22.48.30 - Windows Update
RP1513: 09/09/2013 13.24.06 - Punto di controllo pianificato
RP1514: 10/09/2013 16.00.01 - Punto di controllo pianificato
RP1515: 11/09/2013 19.38.09 - Windows Update
RP1516: 11/09/2013 20.13.26 - Windows Update
RP1517: 11/09/2013 23.15.57 - Windows Update
RP1518: 12/09/2013 18.21.50 - Windows Update
RP1519: 12/09/2013 22.25.58 - Windows Update
RP1520: 13/09/2013 14.51.23 - Windows Update
RP1521: 13/09/2013 19.51.19 - Windows Update
RP1522: 17/09/2013 18.12.42 - Punto di controllo pianificato
RP1523: 17/09/2013 18.46.52 - Windows Update
RP1524: 19/09/2013 21.30.47 - Punto di controllo pianificato
RP1525: 20/09/2013 20.14.39 - Punto di controllo pianificato
RP1526: 23/09/2013 16.57.29 - Punto di controllo pianificato
RP1527: 24/09/2013 15.49.46 - Punto di controllo pianificato
RP1528: 24/09/2013 18.46.53 - Windows Update
RP1529: 25/09/2013 20.35.33 - Punto di controllo pianificato
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
AC3Filter 1.62b
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.4 - Italiano
Advanced Audio FX Engine
Advanced Video FX Engine
Aimersoft Video Converter Ultimate(Build 5.0.1.0)
Alcatel Android Manager
Alice MOBILE E169
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
ArcSoft Panorama Maker 4
µTorrent
avast! Free Antivirus
AviSynth 2.5
Blood Pressure Tracker
Bonjour
Broadcom Management Programs
Browser Address Error Redirector
BufferChm
CCleaner
Chinese Simplified Fonts Support For Adobe Reader 9
Conexant HDA D330 MDC V.92 Modem
CustomerResearchQFolder
D2500
D2500_Help
D3DX10
Defraggler
Dell Driver Download Manager
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DeviceDiscovery
DeviceManagementQFolder
Digital Line Detect
Digital Voice Editor 3
DJ_SF_03_D2500_ProductContext
DJ_SF_03_D2500_Software
DJ_SF_03_D2500_Software_Min
DVD Shrink 3.2
eSupportQFolder
File Uploader
Free Mp3 Wma Converter V 2.2
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Guide dell'utente
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Deskjet D2500 Printer Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
iCloud
iTunes
Java 7 Update 25
Java Auto Updater
Java SE Runtime Environment 6
Junk Mail filter update
K-Lite Mega Codec Pack 5.2.0
Laptop Integrated Webcam Driver (1.04.01.1011) 
Live! Cam Avatar
Live! Cam Avatar Creator
MailStore Home 4.1.0.4598
Malwarebytes Anti-Malware versione 1.75.0.1300
MarketResearch
mCore
MediaDirect
Mesh Runtime
Messenger Companion
mHelp
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - ita
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
Microsoft .NET Framework 4 Client Profile ITA Language Pack
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Italian) 2007
Microsoft Office InfoPath MUI (Italian) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (Italian) 2007
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
Microsoft Office Word MUI (Italian) 2007
Microsoft Outlook Personal Folders Backup
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WorldWide Telescope
mMHouse
mPfMgr
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mWMI
My Dell
neroxml
NetWaiting
Nikon Message Center
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia_Multimedia_Common_Components_2_5
NVIDIA Driver 3D Vision 260.99
NVIDIA Driver grafico 266.58
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 260.99
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OutlookAddinSetup
Pacchetto di compatibilità per Office System 2007
Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
Pannello di controllo NVIDIA 266.58
PC Connectivity Solution
Perseus 1.7.1 LT Konus
Picture Control Utility
PictureProject
PSSWCORE
QuickSet
QuickTime
Raccolta foto di Windows Live
Recuva
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition
Segoe UI
Shop for HP Supplies
SigmaTel Audio
Skype Click to Call
Skype™ 6.1
SmartWebPrintingOC
Software Intel® PROSet/Wireless
SolutionCenter
Sonic Activation Module
Sound Organizer
Status
Strumento diagnostico per modem
SUPERAntiSpyware
Supporto applicazioni Apple
Toolbox
TrayApp
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VideoToolkit01
Visual Trader in C:\VTrader
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR gestione archivi
Wise Registry Cleaner 7.52
Yahoo! Detect
Zinio Reader 4
.
==== End Of File ===========================
 

thanks again for your help.  R.

 

 

Link to post
Share on other sites

sorry for the u torrent I think that it was due to the fact that I didn't reboot after removing it, the following are the new log files, should be fine now. thanks ! rudy

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16506 BrowserJavaVersion: 10.25.2
Run by rudy at 15:46:39 on 2013-09-27
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.3069.2015 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\Explorer.EXE
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conime.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.

uWindow Title = Internet Explorer fornito da Dell
uSearch Bar = Preserve

uURLSearchHooks: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - <orphaned>
dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
dURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Aimersoft Video Converter Ultimate: {54F73992-6549-4369-9A0D-84FD310A464A} - c:\program files\aimersoft\video converter ultimate\SVRIEPlugin.dll
BHO: {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [sigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [browserPlugInHelper] c:\program files\aimersoft\video converter ultimate\BrowserPlugInHelper.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveAutorun = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.





TCP: NameServer = 192.168.1.1
TCP: Interfaces\{237F57E0-A3A6-499D-8B0E-18AA589254EA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4AFD4609-F47A-47AF-92F6-01FF3EB7706E} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{5624BEEE-17E8-426E-B9E7-227C171FE167} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\browserprotect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll c:\progra~1\google\google~2\goec62~1.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-4 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-4 175176]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-14 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-14 369584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-4-21 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-14 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-14 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-14 46808]
R2 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-15 21504]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9dd03a9509489;Servizio di Google Update (gupdate1c9dd03a9509489);c:\program files\google\update\GoogleUpdate.exe [2009-5-25 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-19 30192]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [2008-12-22 39048]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-9-26 40776]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2012-11-8 174176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
FileExt: .reg: regfile=regedit.exe "%1" [userChoice]
.
=============== Created Last 30 ================
.
2013-09-26 18:35:35 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-24 16:47:33 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{31177ea9-3749-46cc-976b-3bcf256ae62f}\mpengine.dll
2013-09-13 13:04:37 -------- d-----w- c:\program files\iMesh
2013-09-11 17:08:04 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-11 17:08:03 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-08-29 20:24:31 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-29 13:22:48 -------- d-----w- c:\windows\system32\MRT
2013-08-29 13:14:06 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-29 13:13:34 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-29 13:13:34 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 13:13:33 1205168 ----a-w- c:\windows\system32\ntdll.dll
.
==================== Find3M ====================
.
2013-09-26 17:52:21 3969 ----a-w- c:\windows\t1vtplot.dll
2013-09-26 17:52:21 3396 ----a-w- c:\windows\system32\xnvtt1~3.dll
2013-09-19 20:12:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 20:12:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-29 20:24:16 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-08-29 20:24:16 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-07 02:22:04 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-31 10:00:20 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-07-31 09:52:44 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-07-31 09:52:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-31 09:48:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-31 09:48:09 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-07-31 09:45:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-17 19:41:34 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47:00 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-08 04:20:04 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16:55 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16:54 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53:33 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-04-16 06:39:58 17884459 ----a-w- c:\program files\klmcodec390.exe
.
============= FINISH: 15.47.42,56 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 19/04/2008 10.43.35
System Uptime: 27/09/2013 15.34.33 (0 hours ago)
.
Motherboard: Dell Inc. | |
Processor: Intel® Core2 Duo CPU T8300 @ 2.40GHz | Microprocessor | 800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 88,687 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5,729 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
AC3Filter 1.62b
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.4 - Italiano
Advanced Audio FX Engine
Advanced Video FX Engine
Aimersoft Video Converter Ultimate(Build 5.0.1.0)
Alcatel Android Manager
Alice MOBILE E169
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
ArcSoft Panorama Maker 4
µTorrent
avast! Free Antivirus
AviSynth 2.5
Blood Pressure Tracker
Bonjour
Broadcom Management Programs
Browser Address Error Redirector
BufferChm
CCleaner
Chinese Simplified Fonts Support For Adobe Reader 9
Conexant HDA D330 MDC V.92 Modem
CustomerResearchQFolder
D2500
D2500_Help
D3DX10
Defraggler
Dell Driver Download Manager
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DeviceDiscovery
DeviceManagementQFolder
Digital Line Detect
Digital Voice Editor 3
DJ_SF_03_D2500_ProductContext
DJ_SF_03_D2500_Software
DJ_SF_03_D2500_Software_Min
DVD Shrink 3.2
eSupportQFolder
File Uploader
Free Mp3 Wma Converter V 2.2
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Guide dell'utente
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Deskjet D2500 Printer Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
iCloud
iTunes
Java 7 Update 25
Java Auto Updater
Java SE Runtime Environment 6
Junk Mail filter update
K-Lite Mega Codec Pack 5.2.0
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar
Live! Cam Avatar Creator
MailStore Home 4.1.0.4598
Malwarebytes Anti-Malware versione 1.75.0.1300
MarketResearch
mCore
MediaDirect
Mesh Runtime
Messenger Companion
mHelp
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - ita
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
Microsoft .NET Framework 4 Client Profile ITA Language Pack
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Italian) 2007
Microsoft Office InfoPath MUI (Italian) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (Italian) 2007
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
Microsoft Office Word MUI (Italian) 2007
Microsoft Outlook Personal Folders Backup
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WorldWide Telescope
mMHouse
mPfMgr
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mWMI
My Dell
neroxml
NetWaiting
Nikon Message Center
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia_Multimedia_Common_Components_2_5
NVIDIA Driver 3D Vision 260.99
NVIDIA Driver grafico 266.58
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 260.99
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OutlookAddinSetup
Pacchetto di compatibilità per Office System 2007
Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
Pannello di controllo NVIDIA 266.58
PC Connectivity Solution
Perseus 1.7.1 LT Konus
Picture Control Utility
PictureProject
PSSWCORE
QuickSet
QuickTime
Raccolta foto di Windows Live
Recuva
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition
Segoe UI
Shop for HP Supplies
SigmaTel Audio
Skype Click to Call
Skype™ 6.1
SmartWebPrintingOC
Software Intel® PROSet/Wireless
SolutionCenter
Sonic Activation Module
Sound Organizer
Status
Strumento diagnostico per modem
SUPERAntiSpyware
Supporto applicazioni Apple
Toolbox
TrayApp
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VideoToolkit01
Visual Trader in C:\VTrader
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR gestione archivi
Wise Registry Cleaner 7.52
Yahoo! Detect
Zinio Reader 4

Link to post
Share on other sites

I have just realized that although u torrent was unistalled there was still  a file named so.   I'm now sure the two files are ok.     r battista

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16506  BrowserJavaVersion: 10.25.2
Run by rudy at 21:11:44 on 2013-09-29
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.39.1040.18.3069.1994 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\vssvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.

uWindow Title = Internet Explorer fornito da Dell
uSearch Bar = Preserve

uURLSearchHooks: {4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1} - <orphaned>
dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
dURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Aimersoft Video Converter Ultimate: {54F73992-6549-4369-9A0D-84FD310A464A} - c:\program files\aimersoft\video converter ultimate\SVRIEPlugin.dll
BHO: {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [sigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [browserPlugInHelper] c:\program files\aimersoft\video converter ultimate\BrowserPlugInHelper.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveAutorun = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.





TCP: NameServer = 192.168.1.1
TCP: Interfaces\{237F57E0-A3A6-499D-8B0E-18AA589254EA} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4AFD4609-F47A-47AF-92F6-01FF3EB7706E} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{5624BEEE-17E8-426E-B9E7-227C171FE167} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\browserprotect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll c:\progra~1\google\google~2\goec62~1.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-3-4 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-3-4 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-2-14 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-2-14 369584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-4-21 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-2-14 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-2-14 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-2-14 46808]
R2 FontCache;Servizio cache tipi di carattere Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-15 21504]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-8-14 3291008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9dd03a9509489;Servizio di Google Update (gupdate1c9dd03a9509489);c:\program files\google\update\GoogleUpdate.exe [2009-5-25 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-19 30192]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [2008-12-22 39048]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-9-26 40776]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]
S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer;c:\program files\sony\sound organizer\sony.earth\PACSPTISVR.exe [2012-11-8 174176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
FileExt: .reg: regfile=regedit.exe "%1" [userChoice]
.
=============== Created Last 30 ================
.
2013-09-27 15:26:32 7328304 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{45fad781-810e-4e12-8487-697b0ac556ca}\mpengine.dll
2013-09-26 18:35:35 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-09-13 13:04:37 -------- d-----w- c:\program files\iMesh
2013-09-11 17:08:04 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-11 17:08:03 2049536 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M  ====================
.
2013-09-26 17:52:21 3969 ----a-w- c:\windows\t1vtplot.dll
2013-09-26 17:52:21 3396 ----a-w- c:\windows\system32\xnvtt1~3.dll
2013-09-19 20:12:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-19 20:12:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-30 07:48:13 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48:12 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48:11 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr
2013-08-29 20:24:22 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-29 20:24:16 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-08-29 20:24:16 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-07 02:22:04 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 04:09:35 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-31 10:00:20 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-07-31 09:52:44 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-07-31 09:52:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-31 09:48:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-31 09:48:09 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-07-31 09:45:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-17 19:41:34 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47:00 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10:36 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55:51 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55:51 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20:04 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:16:55 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:16:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:16:54 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-07-05 04:53:33 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-04-16 06:39:58 17884459 ----a-w- c:\program files\klmcodec390.exe
.
============= FINISH: 21.13.53,14 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 19/04/2008 10.43.35
System Uptime: 29/09/2013 21.07.06 (0 hours ago)
.
Motherboard: Dell Inc. |  |      
Processor: Intel® Core2 Duo CPU     T8300  @ 2.40GHz | Microprocessor | 2401/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 87,769 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5,729 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
AC3Filter 1.62b
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.4 - Italiano
Advanced Audio FX Engine
Advanced Video FX Engine
Aimersoft Video Converter Ultimate(Build 5.0.1.0)
Alcatel Android Manager
Alice MOBILE E169
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 3
ArcSoft Panorama Maker 4
avast! Free Antivirus
AviSynth 2.5
Blood Pressure Tracker
Bonjour
Broadcom Management Programs
Browser Address Error Redirector
BufferChm
CCleaner
Chinese Simplified Fonts Support For Adobe Reader 9
Conexant HDA D330 MDC V.92 Modem
CustomerResearchQFolder
D2500
D2500_Help
D3DX10
Defraggler
Dell Driver Download Manager
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DeviceDiscovery
DeviceManagementQFolder
Digital Line Detect
Digital Voice Editor 3
DJ_SF_03_D2500_ProductContext
DJ_SF_03_D2500_Software
DJ_SF_03_D2500_Software_Min
DVD Shrink 3.2
eSupportQFolder
File Uploader
Free Mp3 Wma Converter V 2.2
Google Chrome
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Guide dell'utente
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Deskjet D2500 Printer Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
iCloud
iTunes
Java 7 Update 25
Java Auto Updater
Java SE Runtime Environment 6
Junk Mail filter update
K-Lite Mega Codec Pack 5.2.0
Laptop Integrated Webcam Driver (1.04.01.1011) 
Live! Cam Avatar
Live! Cam Avatar Creator
MailStore Home 4.1.0.4598
Malwarebytes Anti-Malware versione 1.75.0.1300
MarketResearch
mCore
MediaDirect
Mesh Runtime
Messenger Companion
mHelp
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - ita
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
Microsoft .NET Framework 4 Client Profile ITA Language Pack
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Italian) 2007
Microsoft Office InfoPath MUI (Italian) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (Italian) 2007
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
Microsoft Office Word MUI (Italian) 2007
Microsoft Outlook Personal Folders Backup
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WorldWide Telescope
mMHouse
mPfMgr
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mWMI
My Dell
neroxml
NetWaiting
Nikon Message Center
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia_Multimedia_Common_Components_2_5
NVIDIA Driver 3D Vision 260.99
NVIDIA Driver grafico 266.58
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 260.99
NVIDIA Stereoscopic 3D Driver
OGA Notifier 2.0.0048.0
OutlookAddinSetup
Pacchetto di compatibilità per Office System 2007
Pacchetto driver Windows - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
Pannello di controllo NVIDIA 266.58
PC Connectivity Solution
Perseus 1.7.1 LT Konus
Picture Control Utility
PictureProject
PSSWCORE
QuickSet
QuickTime
Raccolta foto di Windows Live
Recuva
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760588) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760823) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2760583) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825999) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2767773) 32-Bit Edition
Segoe UI
Shop for HP Supplies
SigmaTel Audio
Skype Click to Call
Skype™ 6.1
SmartWebPrintingOC
Software Intel® PROSet/Wireless
SolutionCenter
Sonic Activation Module
Sound Organizer
Status
Strumento diagnostico per modem
SUPERAntiSpyware
Supporto applicazioni Apple
Toolbox
TrayApp
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VideoToolkit01
Visual Trader in C:\VTrader
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR gestione archivi
Wise Registry Cleaner 7.52
Yahoo! Detect
Zinio Reader 4
.
==== End Of File ===========================
 

Link to post
Share on other sites

Thanks!

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 3
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

Hi Borislav, these are the reports that you requested.  rudy

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows Vista Home Premium x86
Ran by rudy on 30/09/2013 at 15.01.11,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\browserpluginhelper
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2299868804-1956693909-3141487035-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2851640
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4CD2147C-C820-48E3-9F08-AA068C71C746}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7ABB14A1-D624-462C-B0E8-E913E3009339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

 

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\wise registry cleaner schedule task.job"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\rudy\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\rudy\AppData\Roaming\offerbox"
Successfully deleted: [Folder] "C:\Users\rudy\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\rudy\AppData\Roaming\widestream"
Successfully deleted: [Folder] "C:\Users\rudy\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\rudy\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\rudy\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\rudy\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\rudy\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\registry mechanic"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dealply"
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{0C9B328B-3DFA-4972-90E9-4167A9742D13}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{0D09E0D6-7011-48FF-B894-BCC33EC36906}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{43B30B3C-344D-4C31-AFD3-BEE4E783D114}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{43C21F8E-9C80-4811-A452-1F1A83EBB45F}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{4504A548-000B-4FC4-A249-117F819BFA0F}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{4EE49695-276B-404D-B4B6-BD6EFE42726D}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{50956087-DB18-4438-98D5-2DD9A44EE1F7}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{5269090C-8718-41E0-BC49-D8867D354217}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{58ADFE84-598A-4065-AFCB-37D405118D6E}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{5C4055CD-0213-4805-956B-3A8965E5961D}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{684CD705-BE7F-4F7E-A684-09CCBB52C98E}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{71729611-3FF4-4741-8E7E-E40A70B49E47}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{73B58CD7-9D8C-4D9A-B761-A4DF29419639}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{775592B0-6877-456B-A366-5B3219FD8BB7}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{7932238B-25D7-488D-9DD1-312C57AB1878}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{7CBE3D44-F811-4DD7-BF73-3CBA6CC9EEF2}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{91069436-DEFD-4F9A-8F23-EA6A7235733C}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{A81921A4-B429-4575-BD38-C3FDDB31CD01}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{B39E89B5-5D33-43CA-AD7E-FCA3790B6B2B}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{B779412F-8706-48E8-B8B4-661E0A9E3A4B}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{B7F2130B-270A-43B9-A5FC-CA40551C4E78}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{BB457D1E-A74E-42A2-BBE8-5BCC39D9C2E3}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{E22AD3FD-9675-4E7B-A7E1-141CACE6D3B2}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{E3D1F9E0-53B0-4C91-952B-8E7DD94405FB}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{F53FB1E3-1BE1-476A-A214-81CCF95BDBC3}
Successfully deleted: [Empty Folder] C:\Users\rudy\appdata\local\{FA14E615-FB5D-4314-84F4-7FF450175B90}

 

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/09/2013 at 15.04.32,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

dwCleaner v3.005 - Report created 30/09/2013 at 15:13:38
# Updated 22/09/2013 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : rudy - PC-DAWN
# Running from : C:\Users\rudy\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\iMesh
Folder Deleted : C:\Users\rudy\AppData\Local\PackageAware
Folder Deleted : C:\Users\rudy\Downloads\various\Documents\widestream
Folder Deleted : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Folder Deleted : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\Extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\Extensions\{4ae0c3d6-f713-4eed-bc65-25dc3ffdaac1}
Folder Deleted : C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdghcmanhfigpijjllopocpcnjffkhl
File Deleted : C:\Users\rudy\Desktop\Play Free Games.lnk
File Deleted : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\searchplugins\Askcom.xml
File Deleted : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\searchplugins\funmoods.xml
File Deleted : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ncdghcmanhfigpijjllopocpcnjffkhl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ncdghcmanhfigpijjllopocpcnjffkhl
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB2F2140-1589-4770-9A73-CB2F6380743C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB2F2140-1589-4770-9A73-CB2F6380743C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\d48dd8b235e944
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Offerbox
Key Deleted : HKCU\Software\WideStream
Key Deleted : HKLM\Software\Offerbox
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506

-\\ Mozilla Firefox v

[ File : C:\Users\rudy\AppData\Roaming\Mozilla\Firefox\Profiles\yh6cghxr.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("extensions.enabledAddons", "{20a82645-c095-46ed-80e3-08825760534b}:0.0.0,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{CAFEEFAC-0016-0000-0026[...]



Line Deleted : user_pref("CT2851640.autoDisableScopes", -1);

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\rudy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5701 octets] - [30/09/2013 15:11:10]
AdwCleaner[s0].txt - [5792 octets] - [30/09/2013 15:13:38]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5852 octets] ##########

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.09.30.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
rudy :: PC-DAWN [amministratore]

30/09/2013 15.22.51
mbam-log-2013-09-30 (15-22-51).txt

Tipo di scansione: Scansione veloce
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 217712
Tempo impiegato: 8 minuti, 8 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)

Link to post
Share on other sites

First of all thanks! Then . . . . well . . the quick scan did not detect anything and it's something of course, However I'm afraid that the Malaware could spring up again . In fact a couple of weeks ago I removed it (I think with a Microsoft tool) and then I ran a complete scan with MBAM in temporary mode. The result was ok, nothing detected. But after less than a week I scanned it again and the malaware, the same one, was still there. Actually there are two files that seemed to regenerate every time. That's why I'm not that comfortable. May be I should check again in a few days?  Also, In case we successfully got rid of it, is there anything to prevent this type of malaware to attack my computer?

 

Rudy

Link to post
Share on other sites

Okay, monitor your system for a few days and come back to let me know.

Let me explain you something: This is not malware. This is something called pottently unwanted program (PUP). Example: PriceGoing, Conduit and etc. It is not regenerate itself and could not spread itself. It's coming with legitimate application.

To prevent further problems, follow the instructions here:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Meanwhile:

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Link to post
Share on other sites

done  !  it seems your help has done greatly!  Thanks also for the link with the suggestion on how to prevent.  Here's the report.  Thanks so much again  !!  rudy

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.09.30.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
rudy :: PC-DAWN [amministratore]

06/10/2013 21.07.00
mbam-log-2013-10-06 (21-07-00).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 524883
Tempo impiegato: 2 ore, 19 minuti, 37 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)

Link to post
Share on other sites

Apologize . . . here's the updated report.  Rudy

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.10.07.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
rudy :: PC-DAWN [amministratore]

07/10/2013 15.49.00
mbam-log-2013-10-07 (15-49-00).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 525539
Tempo impiegato: 2 ore, 32 minuti, 58 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.