Jump to content

Issues with deleting results after scan in MB


Recommended Posts

Hi there

 

I have a DELL Inspiron running Windows 7 (I think!).  The laptop is infected and I am trying to run MB.  When I initially ran the quick scan, it returned 3000+ infections, and when I started to delete them, it forced me to restart.  I then had to re-run the scan, which returned the same, and the same happened when I tried to delete.

 

I tried to use MB Chameleon, and the exact same thing happened again!!

 

So, I have run the scan yet again - it returns 3980 infections.  I really do not know how to get around this and remove the infections.

 

Please find attached the log.  I would be grateful if you can advise how I can remove the infections from the laptop?

 

Many thanks

Sapna

mbam-log-2014-02-20 (20-19-05).txt

Link to post
Share on other sites

Welcome to the forum.

Please  start HERE
Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8)
(please don't put logs in code or quotes and use the default font)

(Please don't forget to run the RogueKiller scan below)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.


<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.
(please don't put logs in code or quotes and use the default font)
MrC


Note:
Please read all of my instructions completely including these.

**Make sure system restore is turned on and running, please create a new restore point**

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly


Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive


<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.


<+>The removal of malware isn't instantaneous, please be patient.


<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs


<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.


------->Your topic will be closed if you haven't replied within 3 days!<--------
(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

Ok here goes:

 

DDS.txt is:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518
Run by Saira at 19:49:11 on 2014-02-26
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3895.1440 [GMT 0:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files (x86)\iSafe\iSafeSvc.exe
C:\Program Files (x86)\iSafe\iSafeSvc2.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Mobogenie\MgAssist.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\iSafe\iSafeTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Users\Saira\AppData\Local\Smartbar\Application\SnapDo.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Saira\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Users\Saira\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: {11111111-1111-1111-1111-110011501158} - <orphaned>
BHO: Media Viewer: {201f8834-ac8c-4fa0-90dd-2b9cef403de8} - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha8506\ie\MediaViewerV1alpha8506.dll
BHO: tOpdeal: {223CCF2E-FD38-653B-1E5E-B6078A2265CC} - LocalServer32 - <no file>
BHO: Bubble Dock SurfMatch: {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Snap.DoEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
BHO: IB Updater: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll
BHO: flash-Enhancer: {5A60B6BB-FA81-4EFA-AB9C-A820E2143736} - C:\Program Files (x86)\AmiExt\flashEnhancer\ie\flashEnhancer.dll
BHO: Media Player: {669c861d-9914-4aba-93e6-610cf1b9a1b5} - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha2502\ie\MediaPlayerV1alpha2502.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Media Player: {7c350d8d-e75e-4a81-a246-2f507ea9e8b0} - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha4831\ie\MediaPlayerV1alpha4831.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Media Viewer: {90720bec-7e02-4cde-ab1a-5613aa2fcf34} - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha634\ie\MediaViewerV1alpha634.dll
BHO: ValueApps: {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files (x86)\Conduit\ValueApps\IE\ValueAppsLoader.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: PPTCheucker: {A6FEB559-3E27-DDE6-A0BB-64378610CC57} - C:\ProgramData\PPTCheucker\1.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - 
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: DealsCompare: {b50321e1-e1a6-45d6-9ce4-26b21ee44e0d} - C:\Program Files (x86)\DealsCompare\150.dll
BHO: topbuyer: {B7397D41-E0F5-6F11-71F0-BE9BED88102A} - C:\ProgramData\topbuyer\zGvlxJG.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
BHO: dealppeak: {DFD8CF2A-266D-E68E-67EC-ECBC3A6235EC} - C:\ProgramData\dealppeak\OxW.dll
TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll
uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [browser Infrastructure Helper] C:\Users\Saira\AppData\Local\Smartbar\Application\SnapDo.exe startup
uRun: [bubble Dock] "C:\Users\Saira\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe" /winstartup
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{2CED8F89-688E-451C-B45B-5A3DAAE9AB7F} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{2CED8F89-688E-451C-B45B-5A3DAAE9AB7F}\244524573796E6563737845726D2838323 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{2CED8F89-688E-451C-B45B-5A3DAAE9AB7F}\244584572633D2457535B4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{BAFB1BF0-63A1-4173-A7EA-40666FC523A5} : NameServer = 0.0.0.0
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Feven 1.7: {11111111-1111-1111-1111-110411051194} - C:\Program Files (x86)\Feven 1.7\Feven 1.7-bho64.dll
x64-BHO: DP1815: {11111111-1111-1111-1111-110411721120} - C:\Program Files (x86)\DP1815\DP1815-bho64.dll
x64-BHO: tOpdeal: {223CCF2E-FD38-653B-1E5E-B6078A2265CC} - LocalServer32 - <no file>
x64-BHO: Snap.DoEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - 
x64-BHO: IB Updater: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: ValueApps: {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll
x64-BHO: PPTCheucker: {A6FEB559-3E27-DDE6-A0BB-64378610CC57} - C:\ProgramData\PPTCheucker\1.x64.dll
x64-BHO: topbuyer: {B7397D41-E0F5-6F11-71F0-BE9BED88102A} - C:\ProgramData\topbuyer\zGvlxJG.x64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: dealppeak: {DFD8CF2A-266D-E68E-67EC-ECBC3A6235EC} - C:\ProgramData\dealppeak\OxW.x64.dll
x64-TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Saira\AppData\Roaming\Mozilla\Firefox\Profiles\m5w9w55e.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2014-01-29 20:26; bubbledock@nosibay.com; C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF - ExtSQL: 2014-01-29 20:27; {94cd2cc3-083f-49ba-a218-4cda4b4829fd}; C:\Users\Saira\AppData\Roaming\Mozilla\Firefox\Profiles\m5w9w55e.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
FF - ExtSQL: 2014-01-29 20:41; ext@flashenhancer.com; C:\Program Files (x86)\AmiExt\flashEnhancer\ff
FF - ExtSQL: 2014-01-29 20:41; uidh@kvzz-.com; C:\Users\Saira\AppData\Roaming\Mozilla\Firefox\Profiles\m5w9w55e.default\extensions\uidh@kvzz-.com
FF - ExtSQL: 2014-01-29 20:41; eaio1wdtxkv@ie-.edu; C:\Users\Saira\AppData\Roaming\Mozilla\Firefox\Profiles\m5w9w55e.default\extensions\eaio1wdtxkv@ie-.edu
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-5-7 55856]
R1 iSafeNetFilter;iSafeNetFilter;C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [2014-1-29 44032]
R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-7 89600]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-7 13336]
R2 iSafeService;iSafeService;C:\Program Files (x86)\iSafe\iSafeSvc.exe [2014-1-29 491688]
R2 MgAssistService;MgAssist Service;C:\Program Files (x86)\Mobogenie\MgAssist.exe [2014-1-29 63168]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-5-7 1692480]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-7 2320920]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-5-7 172704]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-5-7 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-5-7 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-5-7 289280]
R3 iSafeKrnl;iSafeKrnl;C:\Program Files (x86)\iSafe\iSafeKrnl.sys [2014-1-29 219648]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-5-7 53800]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-7 35104]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-2-21 36680]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-5-7 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-5-7 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-23 59392]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-9-24 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-02-26 19:47:53 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{89B65B6A-21EA-40D5-8F0A-D9175D4B9A3D}\offreg.dll
2014-02-25 22:24:56 -------- d-----w- C:\50b93037a9ab2a061e
2014-02-25 18:08:31 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{89B65B6A-21EA-40D5-8F0A-D9175D4B9A3D}\mpengine.dll
2014-02-23 20:09:22 -------- d-----w- C:\Program Files (x86)\MediaViewerV1
2014-02-21 14:41:00 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-02-20 20:42:22 -------- d-----w- C:\ProgramData\topbuyer
2014-02-20 20:42:13 -------- d-----w- C:\Users\Saira\AppData\Local\Packages
2014-02-20 20:42:06 -------- d-----w- C:\ProgramData\PPTCheucker
2014-02-20 20:42:06 -------- d-----w- C:\ProgramData\jaaimmlikcjeigpncpkpfpdmkhiafmff
2014-02-20 20:18:38 -------- d-----w- C:\Users\Saira\AppData\Roaming\Malwarebytes
2014-02-20 20:18:27 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-20 20:18:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-20 20:18:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-15 19:28:02 -------- d-----w- C:\Program Files (x86)\MediaPlayerV1
2014-02-14 15:53:06 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-14 15:53:06 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-13 22:41:13 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-13 22:40:59 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-13 22:40:59 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-13 22:40:58 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-13 22:40:58 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-13 22:35:11 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-02-10 18:23:59 -------- d-----w- C:\Windows\SysWow64\jmdp
2014-02-10 18:23:59 -------- d-----w- C:\Windows\System32\ljkb
2014-02-09 11:02:09 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-01-29 20:46:42 -------- d-----w- C:\Users\Saira\AppData\Local\RegistryDR
2014-01-29 20:41:39 -------- d-----w- C:\Program Files (x86)\Lightspark 0.5.3-git
2014-01-29 20:40:59 -------- d-----w- C:\Program Files (x86)\AmiExt
2014-01-29 20:40:58 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2014-01-29 20:40:46 -------- d-----w- C:\Program Files (x86)\Registry Dr
2014-01-29 20:29:23 -------- d-----w- C:\Windows\System32\log
2014-01-29 20:29:14 -------- d-----w- C:\Users\Saira\AppData\Roaming\iSafe
2014-01-29 20:29:14 -------- d-----w- C:\Program Files (x86)\iSafe
2014-01-29 20:29:07 -------- d-----w- C:\Users\Saira\.android
2014-01-29 20:29:03 -------- d-----w- C:\Users\Saira\AppData\Roaming\newnext.me
2014-01-29 20:29:03 -------- d-----w- C:\Users\Saira\AppData\Local\cache
2014-01-29 20:29:02 -------- d-----w- C:\Users\Saira\AppData\Local\Mobogenie
2014-01-29 20:29:02 -------- d-----w- C:\Users\Saira\AppData\Local\genienext
2014-01-29 20:28:20 -------- d-----w- C:\Program Files (x86)\Mobogenie
2014-01-29 20:27:48 -------- d-----w- C:\Program Files (x86)\DP1815
2014-01-29 20:27:32 -------- d-----w- C:\Program Files\Conduit
2014-01-29 20:27:31 -------- d-----w- C:\Users\Saira\AppData\Local\Conduit
2014-01-29 20:27:31 -------- d-----w- C:\Program Files (x86)\Conduit
2014-01-29 20:27:29 -------- d-----w- C:\Users\Saira\AppData\Roaming\ValueApps
2014-01-29 20:26:50 -------- d-----w- C:\Program Files (x86)\Nosibay
2014-01-29 20:26:25 -------- d-----w- C:\Users\Saira\AppData\Roaming\Nosibay
2014-01-29 20:25:59 -------- d-----w- C:\Users\Saira\AppData\Local\SwvUpdater
.
==================== Find3M  ====================
.
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-04 09:28:20 1859376 ----a-w- C:\Windows\System32\dmwu.exe
2014-02-04 09:23:42 34304 ----a-w- C:\Windows\System32\ImHttpComm.dll
2014-02-04 08:39:36 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2014-02-04 08:39:36 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
.
============= FINISH: 19:51:05.59 ===============
 
 
Attach.txt is:
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 21/09/2011 11:18:26
System Uptime: 26/02/2014 19:42:40 (0 hours ago)
.
Motherboard: Dell Inc. |  | 0WXY9J
Processor: Intel® Core i5 CPU       M 480  @ 2.67GHz | CPU 1 | 1170/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 380.341 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP96: 16/01/2014 03:02:22 - Windows Update
RP97: 26/01/2014 16:38:31 - Scheduled Checkpoint
RP99: 29/01/2014 21:03:41 - Before Registry Dr fix
RP100: 09/02/2014 11:01:39 - Windows Update
RP101: 13/02/2014 22:33:38 - Windows Update
RP102: 13/02/2014 23:03:24 - Windows Update
RP103: 14/02/2014 16:01:58 - Windows Update
RP104: 18/02/2014 11:58:58 - Windows Update
RP105: 21/02/2014 17:14:57 - Windows Update
RP106: 25/02/2014 18:07:33 - Windows Update
RP107: 25/02/2014 22:24:30 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7) MUI
Advanced Audio FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bing Rewards Client Installer
Bonjour
Bubble Dock (remove only)
D3DX10
dealppeak
DealsCompare
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Edoc Viewer
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Product Registration
Dell Stage
Dell Support Center
Dell VideoStage
Dell Webcam Central
Delta Chrome Toolbar
Delta toolbar  
DirectX 9 Runtime
DMUninstaller
DP1815
eBay
Feven 1.7
flash-Enhancer
Google Chrome
Google Drive
Google Update Helper
IB Updater 2.0.0.574
IB Updater Service
IDT Audio
Intel PROSet Wireless
Intel® Control Center
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® PROSet/Wireless WiFi Software
Intel® Rapid Storage Technology
Intel® Turbo Boost Technology Monitor
iTunes
Java 6 Update 24 (64-bit)
Junk Mail filter update
Lightspark 0.5.3-git
Live! Cam Avatar Creator
Malwarebytes Anti-Malware version 1.75.0.1300
Media Player
Media Viewer
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Mobogenie
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Firefox Packages
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
neroxml
Ominent toolbar  
Optimizer Pro v3.2
PhotoShowExpress
PPTCheucker
Quickset64
QuickTime
RBVirtualFolder64Inst
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek USB 2.0 Card Reader
RealUpgrade 1.1
Registry Dr
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 
Shopping Sidekick
Skype Toolbars
Skype™ 5.10
Snap.Do
Snap.Do Engine
Software Version Updater
Sonic CinePlayer Decoder Pack
Swift Browse 1.0.0
Synaptics Pointing Device Driver
Tetris
The KMPlayer (remove only)
topbuyer
tOpdeal
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
ValueApps
Wajam
WIDCOMM Bluetooth Software
WildTangent Games
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (03/24/2010 6.3.0.2501)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
YAC
.
==== Event Viewer Messages From Past Week ========
.
26/02/2014 19:44:16, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
26/02/2014 19:40:27, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
20/02/2014 20:47:30, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
.
==== End Of File ===========================
 
RogueKiller log:
 
RogueKiller V8.8.9 [Feb 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Saira [Admin rights]
Mode : Scan -- Date : 02/26/2014 19:53:44
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 1 ¤¤¤
[sUSP PATH] Bubble Dock.exe -- C:\Users\Saira\AppData\Roaming\Nosibay\Bubble Dock\Bubble Dock.exe [7] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 5 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{BAFB1BF0-63A1-4173-A7EA-40666FC523A5} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS001\[...]\{BAFB1BF0-63A1-4173-A7EA-40666FC523A5} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\[...]\CS002\[...]\{BAFB1BF0-63A1-4173-A7EA-40666FC523A5} : NameServer (0.0.0.0 [(Private Address) (XX)]) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 10 ¤¤¤
[V2][sUSP PATH] Hoolapp For Android : C:\Users\Saira\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V2][sUSP PATH] Hoolapp Init : C:\Users\Saira\AppData\Roaming\HOOLAP~1\Hoolapp.exe - /Minimized [x] -> FOUND
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] f684335170754dc0c9ca3f01ee5526b8
[bSP] 195b22b5b29f25123f9b824ab5ab5b1b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 461838 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_02262014_195344.txt >>
 
 
 
Hope to hear from you soon.
Many thanks
Sapna :)
Link to post
Share on other sites

Make sure you have created a system restore point as mentioned in my initial reply to you.

Uninstall all of these from your add/remove programs if possible:

Bubble Dock (remove only)
Delta Chrome Toolbar
Delta toolbar
dealppeak
DealsCompare
DP1815
IB Updater 2.0.0.574
IB Updater Service
Mobogenie
Optimizer Pro v3.2
Ominent toolbar
Feven 1.7
Snap.Do
Snap.Do Engine
Wajam


Then.............

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Last..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

  • 2 weeks later...
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.