Can not run Malware

DJHerman1968 · December 29, 2013

I was having issue with trying to run IE or chrome so I down loaded and installed Malwarebytes. But when I try to run it I recieved a Run-time error 339 - component 'ieframe.dll' or one of its dependencies not correctly registered. a file is missing or invaild,

here is the attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 4/4/2013 1:10:21 AM

System Uptime: 12/28/2013 10:09:54 PM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 3591

Processor: AMD A4-3300M APU with Radeon HD Graphics | Socket FS1 | 1900/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 448 GiB total, 395.712 GiB free.

D: is FIXED (NTFS) - 17 GiB total, 1.893 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 1397 GiB total, 1373.254 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet 6500 E709n

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Officejet 6500 E709n

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

==== System Restore Points ===================

.

RP58: 10/25/2013 8:43:05 PM - Scheduled Checkpoint

RP59: 11/2/2013 9:49:18 PM - Scheduled Checkpoint

RP60: 11/18/2013 3:41:58 PM - Windows Update

RP61: 12/3/2013 9:12:16 AM - Windows Update

RP62: 12/12/2013 8:42:21 AM - Windows Update

RP63: 12/17/2013 10:42:54 AM - Windows Update

RP64: 12/17/2013 7:39:24 PM - Restore Operation

RP65: 12/28/2013 7:26:17 PM - Windows Update

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

6500_E709_eDocs

6500_E709_Help

6500_E709n

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.8) MUI

Adobe Shockwave Player 11.5

Agatha Christie - Peril at End House

AMD APP SDK Runtime

AMD Fuel

AMD System Monitor

AMD VISION Engine Control Center

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

AuthenTec TrueAPI

Bejeweled 2 Deluxe

Bejeweled 2 Deluxe 1.1

Bejeweled 3

Bing Bar

Blackhawk Striker 2

Blasterball 3

Blio

Bonjour

Bounce Symphony

bpd_scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Build-a-lot 2

Cake Mania

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Coupon Printer for Windows

CouponBar

CyberLink PowerDVD 10

CyberLink YouCam

D3DX10

Destinations

DeviceDiscovery

Diner Dash 2 Restaurant Rescue

DocMgr

DocProc

Dora's World Adventure

Dropbox

Energy Star Digital Logo

ESU for Microsoft Windows 7

Evernote v. 4.2.2

Facebook Video Calling 1.2.0.287

Farm Frenzy

FATE - The Traitor Soul

Fax

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.2.1.1

Hotspot Shield 3.09

HP 3D DriveGuard

HP Auto

HP Client Services

HP Connection Manager

HP Customer Experience Enhancements

HP Customer Participation Program 13.0

HP Document Manager 2.0

HP Documentation

HP DVB-T TV Tuner 8.0.64.43

HP Games

HP Imaging Device Functions 13.0

HP MovieStore

HP Officejet 6500 E709 Series

HP On Screen Display

HP Power Manager

HP Quick Launch

HP Setup

HP Setup Manager

HP SimplePass 2011

HP Smart Web Printing 4.51

HP Software Framework

HP Solution Center 13.0

HP Support Assistant

HP Update

HPDiagnosticAlert

HPProductAssistant

HPSSupply

iCloud

IDT Audio

iTunes

Java 7 Update 25

Java Auto Updater

Java 6 Update 24 (64-bit)

Junk Mail filter update

Kaspersky Internet Security 2013

Magic Desktop

Mah Jong Medley

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft WSE 3.0 Runtime

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - Stolen in San Francisco

Namco All-Stars PAC-MAN

Network64

OCR Software by I.R.I.S. 13.0

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

ProductContext

Ralink RT5390 802.11b/g/n WiFi Adapter

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Recipe Hub Firefox Toolbar

Recipe Hub Internet Explorer Toolbar

Recovery Manager

RegAlyzer

RoxioNow Player

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Shop for HP Supplies

ShopAtHome.com Helper

ShopAtHome.com Toolbar

Skype Click to Call

Skype™ 6.9

Slingo Supreme

SmartWebPrinting

SolutionCenter

Status

Synaptics Pointing Device Driver

Toolbox

TrayApp

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3)

Update Installer for WildTangent Games App

Validity WBF DDK

Virtual Villagers 4 - The Tree of Life

WebReg

Wheel of Fortune 2

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WMV9/VC-1 Video Playback

Yahoo! Toolbar

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

12/28/2013 9:48:38 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/28/2013 9:46:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/28/2013 9:46:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

12/28/2013 9:46:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

12/28/2013 9:46:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/28/2013 9:46:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/28/2013 9:46:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache HssDRV6 KLIF KLIM6 kltdi kneps NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:38 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

12/28/2013 9:46:37 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/28/2013 9:46:37 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

12/28/2013 9:46:37 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/28/2013 9:46:37 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/28/2013 9:41:07 PM, Error: Service Control Manager [7034] - The Adobe Flash Player Update Service service terminated unexpectedly. It has done this 1 time(s).

12/28/2013 8:42:17 PM, Error: Service Control Manager [7034] - The Adobe Flash Player Update Service service terminated unexpectedly. It has done this 2 time(s).

12/28/2013 7:29:41 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Windows 7 for x64-based Systems (KB2892074).

12/28/2013 10:12:46 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

12/28/2013 10:05:51 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

.

==== End Of File ===========================

and the dss.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.25.2

Run by Donnas computer at 22:13:40 on 2013-12-28

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3563.2214 [GMT -5:00]

.

AV: Kaspersky Internet Security *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}

SP: Kaspersky Internet Security *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Internet Security *Enabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\Hpservice.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k WbioSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe

C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\PROGRA~2\RECIPE~2\bar\1.bin\2jbarsvc.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\Skype\Updater\Updater.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\AppIntegrator64.exe

C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Donnas computer\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\CyberLink\Shared files\brs.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrmon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

uURLSearchHooks: <No Name>: {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrcAs.dll

mWinlogon: Userinit = userinit.exe

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Toolbar BHO: {06e3475c-5521-4de8-bb12-50720f21631c} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll

BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

BHO: ShopAtHome.com Cash Back Helper: {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll

BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Search Assistant BHO: {b7acdf9c-c4f9-4d5d-998e-b147866b4d4c} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrcAs.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

TB: ShopAtHome.com Toolbar: {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll

TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll

TB: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Facebook Update] "C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe

mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

mRun: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [shopAtHomeWatcher] C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Recipe Hub Search Scope Monitor] "C:\PROGRA~2\RECIPE~2\bar\1.bin\2jsrchmn.exe" /m=2 /w /h

mRun: [RecipeHub_2j Browser Plugin Loader] C:\PROGRA~2\RECIPE~2\bar\1.bin\2jbrmon.exe

StartupFolder: C:\Users\DONNAS~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Donnas computer\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TCP: NameServer = 192.168.0.1 205.171.2.226

TCP: Interfaces\{27867778-B284-4093-87E8-4405AD29DA4F} : DHCPNameServer = 10.0.0.1

TCP: Interfaces\{2F50B260-FA49-4DA6-82CE-02F392E47D13} : DHCPNameServer = 192.168.0.1 205.171.2.226

TCP: Interfaces\{2F50B260-FA49-4DA6-82CE-02F392E47D13}\7756374756C6C663138393 : DHCPNameServer = 10.0.0.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [Recipe Hub Home Page Guard 64 bit] "C:\PROGRA~2\RECIPE~2\bar\1.bin\AppIntegrator64.exe"

x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update

x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-4-15 79488]

R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-4-15 40064]

R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-6-20 46792]

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]

R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-1-14 54368]

R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-10-8 89600]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-2 204288]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-4-2 365568]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-18 265544]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-27 30520]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]

R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-6-20 831272]

R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-6-20 548136]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-10-8 2375168]

R2 RecipeHub_2jService;Recipe HubService;C:\PROGRA~2\RECIPE~2\bar\1.bin\2jbarsvc.exe [2013-10-4 42504]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]

R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]

R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-3-18 87168]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-10-8 46136]

R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-3-18 188544]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-1-14 29280]

R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-1-14 29280]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-10-8 1492992]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-10-8 337512]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-8 428136]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]

R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-6-20 42184]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-10-8 47232]

R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]

S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/10/08 04:52:22;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-1-25 241648]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

S3 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2013-1-14 356128]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-6 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2013-12-29 02:50:43 -------- d-----w- C:\Users\Donnas computer\AppData\Roaming\Safer Networking

2013-12-29 02:50:22 -------- d-----w- C:\Program Files (x86)\Safer Networking

2013-12-29 02:27:41 -------- d-----w- C:\Users\Donnas computer\AppData\Roaming\Malwarebytes

2013-12-29 02:27:35 -------- d-----w- C:\ProgramData\Malwarebytes

2013-12-29 02:27:34 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-12-29 02:27:34 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-12-29 02:27:14 -------- d-----w- C:\Users\Donnas computer\AppData\Local\Programs

2013-12-25 23:43:04 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-12-25 23:43:01 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-12-25 23:43:00 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-12-25 23:43:00 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-12-25 23:42:59 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-12-25 23:42:56 49940480 ----a-w- C:\Program Files (x86)\GUT2738.tmp

2013-12-25 23:42:56 -------- d-----w- C:\Program Files (x86)\GUM2737.tmp

2013-12-18 00:36:10 -------- d-----w- C:\Windows\pss

2013-12-17 23:57:48 -------- d-----w- C:\Users\Donnas computer\AppData\Local\Hewlett-Packard_Developme

2013-12-15 03:52:52 -------- d-----w- C:\ProgramData\Conduit

2013-12-15 03:52:49 -------- d-----w- C:\Program Files (x86)\SearchFlyBar2

2013-12-15 03:52:16 -------- d-----w- C:\Program Files (x86)\SearchProtect

2013-12-15 03:52:02 -------- d-----w- C:\Users\Donnas computer\AppData\Roaming\SearchProtect

2013-12-15 03:52:01 -------- d-----w- C:\Users\Donnas computer\AppData\Local\NativeMessaging

2013-12-15 03:52:00 -------- d-----w- C:\Users\Donnas computer\AppData\Local\Conduit

2013-12-15 03:51:53 -------- d-----w- C:\Users\Donnas computer\AppData\Local\CRE

2013-12-15 03:51:52 -------- d-----w- C:\Program Files (x86)\Conduit

2013-12-15 03:51:50 -------- d-----w- C:\Program Files (x86)\The Weather Channel

2013-12-15 03:51:47 -------- d-----w- C:\Program Files (x86)\MyPC Backup

2013-12-15 03:51:26 -------- d-----w- C:\ProgramData\Sendori

2013-12-15 03:51:23 -------- d-----w- C:\Program Files (x86)\Sendori

2013-12-15 03:51:05 -------- d-----w- C:\Users\Donnas computer\AppData\Local\The Weather Channel

2013-12-12 13:45:23 12625920 ------w- C:\Windows\System32\wmploc.DLL

2013-12-12 13:43:36 721408 ------w- C:\Program Files\Internet Explorer\ieproxy.dll

2013-12-12 13:43:34 2334208 ------w- C:\Windows\System32\wininet.dll

2013-12-12 13:43:34 1820160 ------w- C:\Windows\SysWow64\wininet.dll

2013-12-11 03:53:44 81408 ------w- C:\Windows\System32\imagehlp.dll

2013-12-11 03:53:44 159232 ------w- C:\Windows\SysWow64\imagehlp.dll

.

==================== Find3M ====================

.

2013-12-29 01:19:23 458336 ----a-w- C:\Windows\System32\drivers\kl1.sys

2013-12-29 01:19:23 29792 ----a-w- C:\Windows\System32\drivers\klim6.sys

2013-10-12 02:50:25 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys

2013-10-12 02:50:24 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys

2013-10-09 12:57:24 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-10-09 12:57:24 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-10-05 20:25:35 1474048 ------w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ------w- C:\Windows\SysWow64\crypt32.dll

2013-10-04 02:28:31 190464 ------w- C:\Windows\System32\SmartcardCredentialProvider.dll

2013-10-04 02:25:17 197120 ------w- C:\Windows\System32\credui.dll

2013-10-04 02:24:49 1930752 ------w- C:\Windows\System32\authui.dll

2013-10-03 02:23:48 404480 ------w- C:\Windows\System32\gdi32.dll

2013-10-03 02:00:44 311808 ------w- C:\Windows\SysWow64\gdi32.dll

.

============= FINISH: 22:15:09.40 ===============

kevinf80 · December 29, 2013

Hello and

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Kevin...

DJHerman1968 · December 29, 2013

when I did that after hitting scan I recieve a message box. farbar recovery scan tool:frst64.exe - ordinal not found (box header) -- the ordinal 572 could not be located in the dynamic link library iertutil.dll. after I hit ok it runs a little more then gives the same message. after like 6 times it continues and finished

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013 01
Ran by Donnas computer at 2013-12-29 13:50:52
Running from C:\Users\Donnas computer\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard)
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard)
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard)
6500_E709n (x32 Version: 50.0.165.000 - Hewlett-Packard)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent)
AMD APP SDK Runtime (Version: 2.4.595.9 - Advanced Micro Devices Inc.)
AMD Fuel (Version: 2011.0401.2259.39449 - AMD)
AMD System Monitor (x32 Version: 1.0.5 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2011.0401.2259.39449 - ATI)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (Version: 3.0.820.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent)
Bejeweled 2 Deluxe 1.1 (x32 Version: - )
Bejeweled 3 (x32 Version: - PopCap Games)
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent)
Bing Bar (x32 Version: 7.0.610.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent)
Blio (x32 Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard)
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard)
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0401.2259.39449 - ATI)
Catalyst Control Center InstallProxy (x32 Version: 2011.0401.2259.39449 - ATI Technologies, Inc.)
Catalyst Control Center Localization All (x32 Version: 2011.0401.2259.39449 - ATI)
CCC Help Chinese Standard (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Chinese Traditional (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Czech (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Danish (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Dutch (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help English (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Finnish (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help French (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help German (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Greek (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Hungarian (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Italian (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Japanese (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Korean (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Norwegian (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Polish (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Portuguese (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Russian (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Spanish (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Swedish (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Thai (x32 Version: 2011.0401.2258.39449 - ATI)
CCC Help Turkish (x32 Version: 2011.0401.2258.39449 - ATI)
ccc-utility64 (Version: 2011.0401.2259.39449 - ATI)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent)
Coupon Printer for Windows (x32 Version: 5.0.0.3 - Coupons.com Incorporated)
CouponBar (x32 Version: 5.0.0.5 - Coupons.com Incorporated)
CyberLink PowerDVD 10 (x32 Version: 10.0.3.2714 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent)
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent)
Dropbox (HKCU Version: 2.0.26 - Dropbox, Inc.)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979 - Evernote Corp.)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company)
Hotspot Shield 3.09 (x32 Version: 3.09 - AnchorFree Inc.)
HP 3D DriveGuard (Version: 4.1.9.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company)
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard)
HP Connection Manager (x32 Version: 4.0.45.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard)
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Document Manager 2.0 (Version: 2.0 - HP)
HP Documentation (x32 Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43 - )
HP Games (x32 Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP MovieStore (x32 Version: 1.0.047 - Hewlett-Packard)
HP MovieStore (x32 Version: 2.0 - Hewlett-Packard)
HP Officejet 6500 E709 Series (Version: 13.0 - HP)
HP On Screen Display (x32 Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (x32 Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (x32 Version: 5.1.0.495 - Hewlett-Packard)
HP Smart Web Printing 4.51 (Version: 4.51 - HP)
HP Software Framework (x32 Version: 4.0.110.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard)
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard)
iCloud (Version: 2.1.2.8 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6329.0 - IDT)
iTunes (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.)
Java 6 Update 24 (64-bit) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab)
Magic Desktop (x32 Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent)
Network64 (Version: 130.0.579.000 - Hewlett-Packard)
Network64 (Version: 140.0.221.000 - Hewlett-Packard)
OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)
Penguins! (x32 Version: 2.2.0.95 - WildTangent)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent)
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent)
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard)
Ralink RT5390 802.11b/g/n WiFi Adapter (x32 Version: 3.02.02.0 - Ralink)
Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Recipe Hub Firefox Toolbar (x32 Version: - Mindspark Interactive Network)
Recipe Hub Internet Explorer Toolbar (x32 Version: - Mindspark Interactive Network)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard)
RegAlyzer (x32 Version: 1.6.2.16 - Safer-Networking Ltd.)
RoxioNow Player (x32 Version: 1.9.5.103 - RoxioNow)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard)
Shop for HP Supplies (Version: 13.0 - HP)
ShopAtHome.com Helper (x32 Version: 7.0.2.1 - ShopAtHome.com)
ShopAtHome.com Toolbar (x32 Version: 7.0.2.1 - ShopAtHome.com)
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.9 (x32 Version: 6.9.106 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard)
Synaptics Pointing Device Driver (Version: 15.2.4.4 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent)
Validity WBF DDK (Version: 4.3.118.0 - Validity Sensors, Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard)
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation)
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.)
Yahoo! Toolbar (x32 Version: - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent)

==================== Restore Points =========================

26-10-2013 00:43:05 Scheduled Checkpoint
03-11-2013 02:49:18 Scheduled Checkpoint
18-11-2013 20:41:58 Windows Update
03-12-2013 14:12:16 Windows Update
12-12-2013 13:42:21 Windows Update
17-12-2013 15:42:54 Windows Update
18-12-2013 00:39:24 Restore Operation
29-12-2013 00:26:17 Windows Update
29-12-2013 18:42:46 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0FC80678-5660-472F-B3A5-85A04C809B0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {14ED1736-9E47-4DE9-B2F2-7D516B2837CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {2AA2A7B3-BCDA-4E69-ABEC-C25D91125FB6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1701072289-3442960049-2003276021-1002UA => C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18] (Facebook Inc.)
Task: {33F9882E-4D88-40A9-87E9-F54529CCC328} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {41FC09AA-EE62-4C47-AF8C-B7732B096BC5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6025F5C3-C1BD-4CAB-97C0-E87A61D511DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-12-12] (Microsoft)
Task: {65ADBC77-70E5-4822-8056-3774EBC04300} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {760E90FA-674F-42B7-B0CD-6F7A16D38D10} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-04-05] (Apple Inc.)
Task: {7B242FEA-B8D5-4066-9862-EA8E14429BFB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1701072289-3442960049-2003276021-1002Core => C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-18] (Facebook Inc.)
Task: {8C43714A-2BF7-4CE5-A02A-BA5CC899AAA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-19] (Google Inc.)
Task: {BD6225D0-B88B-443F-BA97-C7C3DBE24462} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-19] (Google Inc.)
Task: {C1BDC03E-06C8-4EF9-92F5-3C65BC2E7CE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {C6335074-507B-4820-AC86-5AFD407A89E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {C87147E2-F527-4773-BFDC-48B5EA129439} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E9208EE6-9A4F-47FD-9C35-0AFE74EAF44C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {FE1A67BA-CD31-43E0-A4AB-F583F09EB3A1} - System32\Tasks\HPCeeScheduleForDonnas computer => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1701072289-3442960049-2003276021-1002Core.job => C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1701072289-3442960049-2003276021-1002UA.job => C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDonnas computer.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-10-04 16:52 - 2013-10-04 16:52 - 00292424 _____ () C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\AppIntegratorStub64.dll
2013-04-05 11:58 - 2013-04-05 11:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2013-10-04 16:52 - 2013-10-04 16:52 - 00442952 _____ () C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\HPG64.DLL
2011-04-02 01:06 - 2011-04-02 01:06 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-04 14:25 - 2011-03-04 14:25 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-02 00:57 - 2011-04-02 00:57 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-24 04:21 - 2010-06-24 04:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-20 19:46 - 2013-06-20 19:46 - 00749352 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2013-06-12 14:17 - 2013-06-12 14:17 - 00049808 _____ () C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelperPS.dll
2010-06-24 04:19 - 2010-06-24 04:19 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-01-14 13:55 - 2013-01-14 13:55 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/29/2013 00:43:22 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700b6).

Error: (12/29/2013 00:43:22 PM) (Source: Facebook Update) (User: Donnascomputer)
Description: Google Update has encountered a fatal error.
ver=1.2.205.0.private;lang=en;is_machine=0;upload=0;minidump=C:\Users\Donnas computer\AppData\Local\Facebook\CrashReports\28e36c93-e4cd-4136-93e3-5fd1158f36bd.dmp

Error: (12/29/2013 00:43:19 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.9.900.117, time stamp: 0x5244d55e
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000005
Fault offset: 0x000099e4
Faulting process id: 0x7a0
Faulting application start time: 0xFlashPlayerUpdateService.exe0
Faulting application path: FlashPlayerUpdateService.exe1
Faulting module path: FlashPlayerUpdateService.exe2
Report Id: FlashPlayerUpdateService.exe3

Error: (12/28/2013 11:19:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3885

Error: (12/28/2013 11:19:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3885

Error: (12/28/2013 11:19:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 11:19:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2699

Error: (12/28/2013 11:19:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2699

Error: (12/28/2013 11:19:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 11:19:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1373

System errors:
=============
Error: (12/29/2013 00:43:24 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Flash Player Update Service service terminated unexpectedly. It has done this 2 time(s).

Error: (12/28/2013 10:41:01 PM) (Source: Service Control Manager) (User: )
Description: The Adobe Flash Player Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/28/2013 10:12:46 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/28/2013 10:05:51 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/28/2013 09:48:38 PM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (12/28/2013 09:46:59 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (12/29/2013 00:43:22 PM) (Source: Windows Search Service)(User: )
Description: IEHistory(HRESULT : 0x800700b6)

Error: (12/29/2013 00:43:22 PM) (Source: Facebook Update)(User: Donnascomputer)
Description: Google Update has encountered a fatal error.
ver=1.2.205.0.private;lang=en;is_machine=0;upload=0;minidump=C:\Users\Donnas computer\AppData\Local\Facebook\CrashReports\28e36c93-e4cd-4136-93e3-5fd1158f36bd.dmp

Error: (12/29/2013 00:43:19 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.9.900.1175244d55emsvcrt.dll7.0.7601.177444eeaf722c0000005000099e47a001cf04bd73b7df8fC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\syswow64\msvcrt.dllb3d8908a-70b0-11e3-92aa-101f74182308

Error: (12/28/2013 11:19:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3885

Error: (12/28/2013 11:19:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3885

Error: (12/28/2013 11:19:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 11:19:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2699

Error: (12/28/2013 11:19:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2699

Error: (12/28/2013 11:19:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/28/2013 11:19:38 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1373

CodeIntegrity Errors:
===================================
Date: 2013-12-29 13:50:09.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.717
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.639
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.561
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.327
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-29 13:50:09.171
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3562.9 MB
Available physical RAM: 1725.48 MB
Total Pagefile: 7123.98 MB
Available Pagefile: 4850.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.13 GB) (Free:395.11 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.33 GB) (Free:1.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (My Passport) (Fixed) (Total:1397.23 GB) (Free:1373.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1813033F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 0006B3B4)
Partition 1: (Not Active) - (Size=-698756366336) - (Type=07 NTFS)

==================== End Of Log ============================

frst.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013 01
Ran by Donnas computer (administrator) on DONNASCOMPUTER on 29-12-2013 13:44:18
Running from C:\Users\Donnas computer\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbarsvc.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\AppIntegrator64.exe
(Facebook Inc.) C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrmon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\CheckSURPackage.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)
HKLM\...\Run: [Recipe Hub Home Page Guard 64 bit] - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\AppIntegrator64.exe [548936 2013-10-04] ()
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [bDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2011-01-25] (cyberlink)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [shopAtHomeWatcher] - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [119952 2013-06-12] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Recipe Hub Search Scope Monitor] - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrchMn.exe [44784 2013-10-04] (MindSpark)
HKLM-x32\...\Run: [RecipeHub_2j Browser Plugin Loader] - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrmon.exe [30096 2013-10-04] (VER_COMPANY_NAME)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Facebook Update] - C:\Users\Donnas computer\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-18] (Facebook Inc.)
HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
Startup: C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Donnas computer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
URLSearchHook: HKCU - (No Name) - {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrcAs.dll (MindSpark)
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {7E706317-5ACE-4A7E-AFCB-E87B06AC65F9} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {7E706317-5ACE-4A7E-AFCB-E87B06AC65F9} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {4F5F567D-A1A3-487C-A818-0D2AE720663B} URL = http://websearch.shopathome.com?user_id={63EB7C43-04A6-43CD-B565-8CB98F2C158C}&q={searchTerms}
SearchScopes: HKCU - {7E706317-5ACE-4A7E-AFCB-E87B06AC65F9} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Toolbar BHO - {06e3475c-5521-4de8-bb12-50720f21631c} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll (MindSpark)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: ShopAtHome.com Cash Back Helper - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (ShopAtHome.com)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Search Assistant BHO - {b7acdf9c-c4f9-4d5d-998e-b147866b4d4c} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrcAs.dll (MindSpark)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
BHO-x32: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll ()
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (ShopAtHome.com)
Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll ()
Toolbar: HKLM-x32 - Recipe Hub - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll (MindSpark)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - No File
DPF: HKLM-x32 {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-08-29] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.226

FireFox:
========
FF ProfilePath: C:\Users\Donnas computer\AppData\Roaming\Mozilla\Firefox\Profiles\qgvdvlcy.default
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RecipeHub_2j.com/Plugin - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll (MindSpark)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Donnas computer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [2jffxtbr@RecipeHub_2j.com] - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin
FF Extension: Recipe Hub - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======

CHR DefaultSearchKeyword: search.conduit.com
CHR DefaultSearchProvider: Conduit
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN30294852712941152&ctid=CT3292715&UM=2
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Simple Pass 2011) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll (HP)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live\\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Donnas computer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Website Logon) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0
CHR Extension: (YouTube) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: () - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0
CHR Extension: (Safe Money) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0
CHR Extension: () - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0
CHR Extension: () - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0
CHR Extension: () - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: () - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\2.2.825
CHR Extension: (Gmail) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Anti-Banner) - C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-02] (Advanced Micro Devices, Inc.)
R3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-11] (Kaspersky Lab ZAO)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [831272 2013-06-20] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-06-20] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-06-20] ()
R2 RecipeHub_2jService; C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbarsvc.exe [42504 2013-10-04] (COMPANYVERS_NAME)

==================== Drivers (Whitelisted) ====================

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-20] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-28] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-09-06] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-09-06] (Kaspersky Lab ZAO)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-09-06] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-29 13:44 - 2013-12-29 13:50 - 00031519 _____ C:\Users\Donnas computer\Desktop\FRST.txt
2013-12-29 13:44 - 2013-12-29 13:44 - 00000000 ____D C:\FRST
2013-12-29 13:43 - 2013-12-29 13:43 - 00000000 ____D C:\Windows\CheckSur
2013-12-29 13:43 - 2013-12-29 13:41 - 01931302 _____ (Farbar) C:\Users\Donnas computer\Desktop\FRST64.exe
2013-12-28 23:16 - 2013-12-28 23:16 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Mozilla
2013-12-28 23:16 - 2013-12-28 23:16 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\Mozilla
2013-12-28 23:15 - 2013-12-28 23:15 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-28 23:15 - 2013-12-28 23:15 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-28 23:15 - 2013-12-28 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 23:15 - 2013-12-28 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 22:15 - 2013-12-28 22:15 - 00028607 _____ C:\Users\Donnas computer\Desktop\dds.txt
2013-12-28 22:15 - 2013-12-28 22:15 - 00014487 _____ C:\Users\Donnas computer\Desktop\attach.txt
2013-12-28 22:13 - 2013-12-28 23:10 - 00688992 ____R (Swearware) C:\Users\Donnas computer\Desktop\dds.scr
2013-12-28 22:13 - 2013-12-28 23:10 - 00688992 _____ (Swearware) C:\Users\Donnas computer\Desktop\dds.com
2013-12-28 21:50 - 2013-12-28 21:50 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Safer Networking
2013-12-28 21:50 - 2013-12-28 21:50 - 00000000 ____D C:\Program Files (x86)\Safer Networking
2013-12-28 21:27 - 2013-12-28 21:54 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-28 21:27 - 2013-12-28 21:27 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-28 21:27 - 2013-12-28 21:27 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Malwarebytes
2013-12-28 21:27 - 2013-12-28 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-28 21:27 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-28 21:26 - 2013-12-28 22:23 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Donnas computer\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-28 19:36 - 2013-12-28 21:37 - 00000372 _____ C:\Windows\Tasks\HPCeeScheduleForDonnas computer.job
2013-12-28 19:36 - 2013-12-28 19:56 - 00003246 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDonnas computer
2013-12-25 18:43 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-25 18:43 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-25 18:43 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-25 18:43 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-25 18:42 - 2013-12-25 18:43 - 00000000 ____D C:\Program Files (x86)\GUM2737.tmp
2013-12-25 18:42 - 2013-12-25 18:42 - 49940480 _____ C:\Program Files (x86)\GUT2738.tmp
2013-12-25 18:42 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-17 19:36 - 2013-12-17 19:49 - 00000000 ____D C:\Windows\pss
2013-12-17 18:57 - 2013-12-17 18:57 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\Hewlett-Packard_Developme
2013-12-14 22:52 - 2013-12-17 19:50 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\Conduit
2013-12-14 22:52 - 2013-12-17 19:50 - 00000000 ____D C:\Program Files (x86)\SearchFlyBar2
2013-12-14 22:52 - 2013-12-14 22:57 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\SearchProtect
2013-12-14 22:52 - 2013-12-14 22:52 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\NativeMessaging
2013-12-14 22:52 - 2013-12-14 22:52 - 00000000 ____D C:\ProgramData\Conduit
2013-12-14 22:52 - 2013-12-14 22:52 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-14 22:51 - 2013-12-17 19:50 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-12-14 22:51 - 2013-12-17 19:50 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-14 22:51 - 2013-12-17 19:49 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-14 22:51 - 2013-12-14 22:53 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-12-14 22:51 - 2013-12-14 22:52 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\CRE
2013-12-14 22:51 - 2013-12-14 22:51 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\The Weather Channel
2013-12-14 22:51 - 2013-12-14 22:51 - 00000000 ____D C:\ProgramData\Sendori
2013-12-14 22:51 - 2013-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\The Weather Channel
2013-12-14 22:50 - 2013-12-17 19:49 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeFrontier
2013-12-14 22:50 - 2013-12-14 22:53 - 00000009 _____ C:\END
2013-12-12 08:45 - 2013-05-10 00:56 - 14631424 ____N (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 08:45 - 2013-05-10 00:56 - 12625920 ____N (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 08:43 - 2013-11-26 04:41 - 02764288 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 08:43 - 2013-11-26 03:38 - 02166784 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 08:43 - 2013-11-26 02:07 - 02334208 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 08:43 - 2013-11-26 01:40 - 01395200 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 08:43 - 2013-11-26 01:33 - 01820160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 08:43 - 2013-11-26 01:27 - 01157632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-10 22:53 - 2013-10-18 21:18 - 00081408 ____N (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 22:53 - 2013-10-18 20:36 - 00159232 ____N (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

==================== One Month Modified Files and Folders =======

2013-12-29 13:50 - 2013-12-29 13:44 - 00031519 _____ C:\Users\Donnas computer\Desktop\FRST.txt
2013-12-29 13:48 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-29 13:48 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-29 13:47 - 2013-07-19 18:08 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-29 13:47 - 2013-07-19 18:08 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-29 13:44 - 2013-12-29 13:44 - 00000000 ____D C:\FRST
2013-12-29 13:44 - 2011-10-08 06:29 - 01504368 _____ C:\Windows\WindowsUpdate.log
2013-12-29 13:43 - 2013-12-29 13:43 - 00000000 ____D C:\Windows\CheckSur
2013-12-29 13:41 - 2013-12-29 13:43 - 01931302 _____ (Farbar) C:\Users\Donnas computer\Desktop\FRST64.exe
2013-12-29 12:43 - 2013-05-18 21:37 - 00000968 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1701072289-3442960049-2003276021-1002UA.job
2013-12-29 12:43 - 2013-04-14 18:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-28 23:17 - 2009-07-14 00:13 - 00006434 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-28 23:16 - 2013-12-28 23:16 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Mozilla
2013-12-28 23:16 - 2013-12-28 23:16 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\Mozilla
2013-12-28 23:15 - 2013-12-28 23:15 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-28 23:15 - 2013-12-28 23:15 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-28 23:15 - 2013-12-28 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-28 23:15 - 2013-12-28 23:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-28 23:11 - 2013-06-01 17:45 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Skype
2013-12-28 23:10 - 2013-12-28 22:13 - 00688992 ____R (Swearware) C:\Users\Donnas computer\Desktop\dds.scr
2013-12-28 23:10 - 2013-12-28 22:13 - 00688992 _____ (Swearware) C:\Users\Donnas computer\Desktop\dds.com
2013-12-28 23:02 - 2013-09-06 19:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-28 22:42 - 2013-05-18 21:37 - 00000946 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1701072289-3442960049-2003276021-1002Core.job
2013-12-28 22:23 - 2013-12-28 21:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Donnas computer\Desktop\mbam-setup-1.75.0.1300.exe
2013-12-28 22:17 - 2013-04-10 22:20 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\CrashDumps
2013-12-28 22:15 - 2013-12-28 22:15 - 00028607 _____ C:\Users\Donnas computer\Desktop\dds.txt
2013-12-28 22:15 - 2013-12-28 22:15 - 00014487 _____ C:\Users\Donnas computer\Desktop\attach.txt
2013-12-28 22:12 - 2013-07-19 18:05 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Dropbox
2013-12-28 22:11 - 2013-07-19 18:08 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-28 22:11 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 22:11 - 2009-07-13 23:51 - 00055942 _____ C:\Windows\setupact.log
2013-12-28 21:54 - 2013-12-28 21:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-28 21:50 - 2013-12-28 21:50 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Safer Networking
2013-12-28 21:50 - 2013-12-28 21:50 - 00000000 ____D C:\Program Files (x86)\Safer Networking
2013-12-28 21:37 - 2013-12-28 19:36 - 00000372 _____ C:\Windows\Tasks\HPCeeScheduleForDonnas computer.job
2013-12-28 21:27 - 2013-12-28 21:27 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-28 21:27 - 2013-12-28 21:27 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Malwarebytes
2013-12-28 21:27 - 2013-12-28 21:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-28 20:19 - 2012-08-02 14:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2013-12-28 20:19 - 2012-06-19 16:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-12-28 20:04 - 2013-07-19 18:08 - 00003912 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-28 20:04 - 2013-07-19 18:08 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-28 19:56 - 2013-12-28 19:36 - 00003246 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDonnas computer
2013-12-28 19:56 - 2013-04-04 00:10 - 00000000 ____D C:\Users\Donnas computer
2013-12-28 19:34 - 2013-04-20 09:41 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-28 19:34 - 2013-04-14 18:05 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-25 18:45 - 2013-04-04 00:18 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{345905D3-C9F8-48EE-AC24-E6276877764D}
2013-12-25 18:43 - 2013-12-25 18:42 - 00000000 ____D C:\Program Files (x86)\GUM2737.tmp
2013-12-25 18:42 - 2013-12-25 18:42 - 49940480 _____ C:\Program Files (x86)\GUT2738.tmp
2013-12-17 19:51 - 2013-04-14 18:37 - 00000000 ____D C:\Windows\system32\Macromed
2013-12-17 19:51 - 2013-04-04 00:18 - 00000000 ___RD C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-17 19:51 - 2011-08-29 20:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-12-17 19:51 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-17 19:51 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2013-12-17 19:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-17 19:50 - 2013-12-14 22:52 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\Conduit
2013-12-17 19:50 - 2013-12-14 22:52 - 00000000 ____D C:\Program Files (x86)\SearchFlyBar2
2013-12-17 19:50 - 2013-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\Sendori
2013-12-17 19:50 - 2013-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-12-17 19:50 - 2013-11-23 09:01 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-12-17 19:50 - 2013-06-28 16:02 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-17 19:50 - 2013-06-28 16:02 - 00000000 ____D C:\Program Files\iTunes
2013-12-17 19:50 - 2013-06-28 16:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-17 19:50 - 2013-06-01 17:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-17 19:50 - 2011-08-29 20:31 - 00000000 ____D C:\ProgramData\RoxioNow
2013-12-17 19:50 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-17 19:49 - 2013-12-17 19:36 - 00000000 ____D C:\Windows\pss
2013-12-17 19:49 - 2013-12-14 22:51 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2013-12-17 19:49 - 2013-12-14 22:50 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeFrontier
2013-12-17 19:48 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-12-17 19:47 - 2013-04-16 20:14 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\SoftGrid Client
2013-12-17 19:45 - 2013-06-28 16:02 - 00000000 ____D C:\Program Files\iPod
2013-12-17 19:45 - 2013-06-01 17:44 - 00000000 ____D C:\ProgramData\Skype
2013-12-17 18:57 - 2013-12-17 18:57 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\Hewlett-Packard_Developme
2013-12-17 10:46 - 2013-08-16 07:59 - 00000000 ____D C:\Windows\system32\MRT
2013-12-14 22:57 - 2013-12-14 22:52 - 00000000 ____D C:\Users\Donnas computer\AppData\Roaming\SearchProtect
2013-12-14 22:53 - 2013-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-12-14 22:53 - 2013-12-14 22:50 - 00000009 _____ C:\END
2013-12-14 22:52 - 2013-12-14 22:52 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\NativeMessaging
2013-12-14 22:52 - 2013-12-14 22:52 - 00000000 ____D C:\ProgramData\Conduit
2013-12-14 22:52 - 2013-12-14 22:52 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-12-14 22:52 - 2013-12-14 22:51 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\CRE
2013-12-14 22:51 - 2013-12-14 22:51 - 00000000 ____D C:\Users\Donnas computer\AppData\Local\The Weather Channel
2013-12-14 22:51 - 2013-12-14 22:51 - 00000000 ____D C:\ProgramData\Sendori
2013-12-14 22:51 - 2013-12-14 22:51 - 00000000 ____D C:\Program Files (x86)\The Weather Channel

Some content of TEMP:
====================
C:\Users\Donnas computer\AppData\Local\Temp\APNSetup.exe
C:\Users\Donnas computer\AppData\Local\Temp\Couponscom.exe
C:\Users\Donnas computer\AppData\Local\Temp\Extract.exe
C:\Users\Donnas computer\AppData\Local\Temp\HSS-2-88-install-plain-506-plain.exe
C:\Users\Donnas computer\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Donnas computer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Donnas computer\AppData\Local\Temp\lowproc.exe
C:\Users\Donnas computer\AppData\Local\Temp\RealPlayer_NEW.exe
C:\Users\Donnas computer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Donnas computer\AppData\Local\Temp\SP53462.exe
C:\Users\Donnas computer\AppData\Local\Temp\SP54127.exe
C:\Users\Donnas computer\AppData\Local\Temp\SP54714.exe
C:\Users\Donnas computer\AppData\Local\Temp\SP55151.exe
C:\Users\Donnas computer\AppData\Local\Temp\SP55152.exe
C:\Users\Donnas computer\AppData\Local\Temp\sp58915.exe
C:\Users\Donnas computer\AppData\Local\Temp\stubhelper.dll
C:\Users\Donnas computer\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Donnas computer\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Donnas computer\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_14622.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-02 20:07

==================== End Of Log ============================

kevinf80 · December 29, 2013

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next,

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Uncheck any elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review.
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted (if necessary):
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

Run Malwarebytes, Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

Post the produced logs, give update on current issues/concerns..

Kevin

fixlist.txt

DJHerman1968 · December 30, 2013

fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-12-2013 01

Ran by Donnas computer at 2013-12-29 16:10:54 Run:1

Running from C:\Users\Donnas computer\Desktop

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

Start

HKLM-x32\...\Run: [shopAtHomeWatcher] - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [119952 2013-06-12] ()

C:\Users\Donnas computer\AppData\Roaming\ShopAtHome

HKLM-x32\...\Run: [Recipe Hub Search Scope Monitor] - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jSrchMn.exe [44784 2013-10-04] (MindSpark)

HKLM-x32\...\Run: [RecipeHub_2j Browser Plugin Loader] - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbrmon.exe [30096 2013-10-04] (VER_COMPANY_NAME)

C:\Program Files (x86)\RecipeHub_2j

Toolbar: HKLM-x32 - ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Donnas computer\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (ShopAtHome.com)

Toolbar: HKLM-x32 - Recipe Hub - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbar.dll (MindSpark)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKCU - No Name - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - No File

FF Plugin-x32: @RecipeHub_2j.com/Plugin - C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll (MindSpark)

R2 RecipeHub_2jService; C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\2jbarsvc.exe [42504 2013-10-04] (COMPANYVERS_NAME)

C:\Users\Donnas computer\AppData\Local\Temp\APNSetup.exe

C:\Users\Donnas computer\AppData\Local\Temp\Couponscom.exe

C:\Users\Donnas computer\AppData\Local\Temp\Extract.exe

C:\Users\Donnas computer\AppData\Local\Temp\HSS-2-88-install-plain-506-plain.exe

C:\Users\Donnas computer\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Donnas computer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Donnas computer\AppData\Local\Temp\lowproc.exe

C:\Users\Donnas computer\AppData\Local\Temp\RealPlayer_NEW.exe

C:\Users\Donnas computer\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Donnas computer\AppData\Local\Temp\SP53462.exe

C:\Users\Donnas computer\AppData\Local\Temp\SP54127.exe

C:\Users\Donnas computer\AppData\Local\Temp\SP54714.exe

C:\Users\Donnas computer\AppData\Local\Temp\SP55151.exe

C:\Users\Donnas computer\AppData\Local\Temp\SP55152.exe

C:\Users\Donnas computer\AppData\Local\Temp\sp58915.exe

C:\Users\Donnas computer\AppData\Local\Temp\stubhelper.dll

C:\Users\Donnas computer\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\Donnas computer\AppData\Local\Temp\UninstallHPTCA.exe

C:\Users\Donnas computer\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_14622.exe

End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher => Value deleted successfully.

C:\Users\Donnas computer\AppData\Roaming\ShopAtHome => Moved successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Recipe Hub Search Scope Monitor => Value deleted successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RecipeHub_2j Browser Plugin Loader => Value deleted successfully.

C:\Program Files (x86)\RecipeHub_2j => Moved successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{311B58DC-A4DC-4B04-B1B5-60299AD3D803} => Value deleted successfully.

HKCR\Wow6432Node\CLSID\{311B58DC-A4DC-4B04-B1B5-60299AD3D803} => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{cf51de5b-eb36-4114-bb69-84df63fbadb4} => Value deleted successfully.

HKCR\Wow6432Node\CLSID\{cf51de5b-eb36-4114-bb69-84df63fbadb4} => Key deleted successfully.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.

HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{311B58DC-A4DC-4B04-B1B5-60299AD3D803} => Value deleted successfully.

HKCR\CLSID\{311B58DC-A4DC-4B04-B1B5-60299AD3D803} => Key not found.

HKLM\Software\Wow6432Node\MozillaPlugins\@RecipeHub_2j.com/Plugin => Key deleted successfully.

C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll not found.

RecipeHub_2jService => Service deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\APNSetup.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\Couponscom.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\Extract.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\HSS-2-88-install-plain-506-plain.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\lowproc.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\RealPlayer_NEW.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\SP53462.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\SP54127.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\SP54714.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\SP55151.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\SP55152.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\sp58915.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\stubhelper.dll => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\UninstallHPTCA.exe => Moved successfully.

C:\Users\Donnas computer\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_14622.exe => Moved successfully.

The system needs a manual reboot.

==== End of Fixlog ====

adwcleaner[so]

# AdwCleaner v3.016 - Report created 29/12/2013 at 16:17:25

# Updated 23/12/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Donnas computer - DONNASCOMPUTER

# Running from : C:\Users\Donnas computer\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : hshld

[#] Service Deleted : hsstrayservice

Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit

Folder Deleted : C:\ProgramData\hotspot shield

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\hotspot shield

Folder Deleted : C:\Program Files (x86)\MyPC Backup

Folder Deleted : C:\Program Files (x86)\Searchprotect

Folder Deleted : C:\Windows\SysWOW64\hotspot shield

Folder Deleted : C:\Users\Donnas computer\AppData\Local\Conduit

Folder Deleted : C:\Users\Donnas computer\AppData\Local\NativeMessaging

Folder Deleted : C:\Users\DONNAS~1\AppData\Local\Temp\NativeMessaging

Folder Deleted : C:\Users\Donnas computer\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Donnas computer\AppData\LocalLow\Toolbar4

Folder Deleted : C:\Users\Donnas computer\AppData\Roaming\hotspot shield

Folder Deleted : C:\Users\Donnas computer\AppData\Roaming\Searchprotect

Folder Deleted : C:\Users\Donnas computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

File Deleted : C:\END

File Deleted : C:\Users\Public\Desktop\eBay.lnk

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage

File Deleted : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler

Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1

Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp

Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils

Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper

Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1

Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook

Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898

Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\anchorfree

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\hotspotshield

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Donnas computer\AppData\Roaming\Mozilla\Firefox\Profiles\qgvdvlcy.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Donnas computer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

Deleted : keyword

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [15642 octets] - [29/12/2013 16:12:33]

AdwCleaner[s0].txt - [14919 octets] - [29/12/2013 16:17:25]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [14980 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

Database version: v2013.12.29.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16428

Donnas computer :: DONNASCOMPUTER [administrator]

12/29/2013 4:33:45 PM

mbam-log-2013-12-29 (16-33-45).txt

Scan type: Full scan (C:\|D:\|Q:\|)

Scan options disabled: P2P

Objects scanned: 410745

Time elapsed: 55 minute(s), 4 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 2

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 17

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\CltMngSvc(54).exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\InternetExplorerModule.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\bin\SPHook64.dll.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Users\Donnas computer\AppData\Roaming\Searchprotect\bin\cltmng.exe.vir (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01OILVYG\UtilityChest.exe (PUP.Optional.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\54D2B6OL\SoftonicDownloader_for_icloud-control-panel.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1550OHZ\RecipeHub.exe (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y1550OHZ\Retrogamer.exe (PUP.Optional.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\LocalLow\SearchFlyBar2\tbSear.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\CT3292715.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\initdata.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\Users\Donnas computer\AppData\Local\Temp\ct3292715\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

Now both ie and chrome are working again but ie seems extremely slow(er) then chrome.

What would be your suggest to try to get a head of this issues. Would the Pro version help? would I need to uninstall the other anti virus software if I did?

I appreciate all the help this was the best experience I ever had trying to fix anything. I would not of been able to fix it without your knowledge and help.

kevinf80 · December 30, 2013

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

Run Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

When the scan is complete

If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

If threats were found

click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

close program

copy and paste the report in next reply

Next,

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Post both logs, also give an update on any remaining issues or concerns...

Kevin...

DJHerman1968 · December 31, 2013

esset results

C:\FRST\Quarantine\APNSetup.exe   a variant of Win32/Bundled.Toolbar.Ask.E application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jauxstb.dll   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jbar.dll   a variant of Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jbarsvc.exe   Win32/Toolbar.MyWebSearch.X application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jbprtct.dll   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jbrmon.exe   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jdatact.dll   a variant of Win32/Toolbar.MyWebSearch.A application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jhtmlmu.dll   probably a variant of Win32/Toolbar.MyWebSearch.B application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jieovr.dll   probably a variant of Win32/Toolbar.MyWebSearch.P application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jimpipe.exe   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jPlugin.dll   probably a variant of Win32/Toolbar.MyWebSearch application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jreghk.dll   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jskin.dll   a variant of Win32/Toolbar.MyWebSearch.P application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jskplay.exe   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\2jSrchMn.exe   Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\AppIntegrator64.exe   Win64/Toolbar.MyWebSearch.A application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\AppIntegratorStub64.dll   Win64/Toolbar.MyWebSearch.A application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\CREXT.DLL   a variant of Win32/Toolbar.MyWebSearch.W application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\Hpg64.dll   Win64/Toolbar.MyWebSearch.A application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\NP2jStub.dll   Win32/Toolbar.MyWebSearch.T application
C:\FRST\Quarantine\RecipeHub_2j\bar\1.bin\T8HTML.DLL   probably a variant of Win32/Toolbar.MyWebSearch.F application
C:\Users\Donnas computer\AppData\Local\Temp\9FBF.tmp   Win32/MyPCBackup.A application

checkup txt

Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Kaspersky Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Java version out of Date!
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (Firefox.)
Google Chrome 30.0.1599.101
Google Chrome 31.0.1650.63
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
ESET ESET Online Scanner OnlineScannerApp.exe
Kaspersky Lab Kaspersky Internet Security 2013 avp.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````

kevinf80 · December 31, 2013

Ok continue with the following:

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files
```
:FilesC:\Users\Donnas computer\AppData\Local\Temp\9FBF.tmp:Commands[EmptyTemp]
```
Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
Click the red button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTM

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.

Next,

Adobe Reader is outdated...

Visit http://get.adobe.com/uk/reader/otherversions/ and download the latest version of Acrobat Reader

Step 1 - Select your Operating System.

Step 2 - Select your Langauge.

Step 3 - Select latest version.

Untick the option for any security scanner or toolbar if offered.

Download and install.

Having the latest updates ensures there are no security vulnerabilities in your system.

Next,

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them.

Let me see log from OTM, also tell me if other steps complete.

If you upgrade to Malwarebytes Pro there is no need to Uninstall your AV program. Malwarebytes has no anti-virus component so will work along side your current security set up....

Let me know if there are any remaining issues or concerns...

Kevin

AdvancedSetup · January 1, 2014

Are you still with us?

AdvancedSetup · January 3, 2014

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Can not run Malware

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information