my browser is being hijacked

hijack

  • This topic is locked
83 replies to this topic

#1 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 10 November 2012 - 11:34 PM

I am running Windows 7 and I use IE and Google as my browsers. I think my browsers have been hijacked. I noticed that when I tried to go to ebay.com and sign in to my account, I was unable to sign in and my browser was redirected to domainsa.com, and I immediately started to get different advertisements. I have run Malwarebytes, IObit Malware, avast anti-virus, Super Anti Spyware and ibot search and destroy, and during the scans a couple of trojans were found. I quarantined them. I have uninstalled and reinstalled Google Chrome and I am still having the same issue. Please help. I don't know what to do to fix this.

#2 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 11 November 2012 - 12:42 AM

Let's see if AdwCleaner works first to clean up the redirection:

Download AdwCleaner http://www.bleepingc...oad/adwcleaner/ to your desktop.
1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
2. Click on Delete button.
3. Confirm each time with OK.
4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

MS - MVP Consumer Security 2006 thru 2014


#3 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 11 November 2012 - 07:09 AM

# AdwCleaner v2.007 - Logfile created 11/11/2012 at 06:59:50
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Lynda - LYNDA-HP
# Boot Mode : Normal
# Running from : C:\Users\Lynda\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****

Found : DefaultTabSearch
Found : DefaultTabUpdate

***** [Files / Folders] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Program Files (x86)\Application Updater
Folder Found : C:\Program Files (x86)\Common Files\spigot
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ConduitEngine
Folder Found : C:\Program Files (x86)\DefaultTab
Folder Found : C:\Program Files (x86)\GamesBar
Folder Found : C:\Program Files (x86)\IObitCom
Folder Found : C:\Program Files (x86)\Productivity_2.1
Folder Found : C:\Program Files (x86)\Yontoo
Folder Found : C:\ProgramData\blekko toolbars
Folder Found : C:\ProgramData\GamesBar
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\Lynda\AppData\Local\Conduit
Folder Found : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Found : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Found : C:\Users\Lynda\AppData\LocalLow\Conduit
Folder Found : C:\Users\Lynda\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Lynda\AppData\LocalLow\IObitCom
Folder Found : C:\Users\Lynda\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Lynda\AppData\LocalLow\Productivity_2.1
Folder Found : C:\Users\Lynda\AppData\Roaming\DefaultTab

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [13531 octets] - [11/11/2012 06:59:50]

########## EOF - C:\AdwCleaner[R1].txt - [13592 octets] ##########



Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
I SPY Treasure Hunt
I SPY Mystery
Malwarebytes Anti-Malware version 1.65.0.1400
Auslogics Registry Cleaner
Java™ 6 Update 22
Java™ 6 Update 37
Java version out of Date!
Adobe Reader X (10.1.4)
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````

#5 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 11 November 2012 - 11:37 AM

Please follow these two steps when you start AdwCleaner:
2. Click on Delete button.
3. Confirm each time with OK.

MS - MVP Consumer Security 2006 thru 2014


#6 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 11 November 2012 - 05:25 PM

# AdwCleaner v2.007 - Logfile created 11/11/2012 at 13:05:02
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Lynda - LYNDA-HP
# Boot Mode : Normal
# Running from : C:\Users\Lynda\Downloads\AdwCleaner (1).exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\Program Files (x86)\IObitCom
Folder Deleted : C:\Program Files (x86)\Productivity_2.1
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Users\Lynda\AppData\Local\Conduit
Folder Deleted : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\Lynda\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Lynda\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Lynda\AppData\LocalLow\IObitCom
Folder Deleted : C:\Users\Lynda\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Lynda\AppData\LocalLow\Productivity_2.1
Folder Deleted : C:\Users\Lynda\AppData\Roaming\DefaultTab

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\IObitCom
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Productivity_2.1
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DealRunner
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2384137
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2903600
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\IObitCom
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\Software\Productivity_2.1
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DAC9A43-5E44-423F-A6BF-40E31AA842AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB47A994-096F-485A-A735-586D2A1E8CAE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC8680AA-35C2-4C67-BD6C-6117C0BF4393}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0F629A7-B31C-482B-8035-BA01E5BFFDAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE42BF92-8AA9-4719-9F59-E503F29FCC14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObitCom Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_2.1 Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

***** [Internet Browsers] *****

- Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

- Google Chrome v [Unable to get version]

File : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [13646 octets] - [11/11/2012 06:59:50]
AdwCleaner[S1].txt - [12429 octets] - [11/11/2012 13:05:02]

########## EOF - C:\AdwCleaner[S1].txt - [12490 octets] ##########

#7 Jacee

Posted 11 November 2012 - 06:19 PM

Let's update Java, yours is outdated ....

Update Java:
  • Download the latest version of Java Runtime Environment (JRE) 7u9.
    http://www.oracle.co...oads/index.html
  • Scroll over to the right (JRE)
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Programs and Features, and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u9-windows-i586-p.exe to install the newest version.
****Make sure to uncheck any tool bars or additional add-ons, if already checked!!

After doing the above, tell me how your computer is running now.

MS - MVP Consumer Security 2006 thru 2014
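
A check that goes with the Java steps above, as an added example that is not part of the original post: it lists the Java runtimes still registered for uninstall, so leftover older versions are easy to spot before and after installing the new one. It assumes the standard Windows Uninstall registry locations; the name filter follows the post's "Java Runtime Environment (JRE or J2SE)" wording, and the variable names are illustrative.

```powershell
# Added example: list Java runtimes still registered in the Uninstall keys.
# On 64-bit Windows, 32-bit installers such as the i586 JRE register under
# Wow6432Node, so both registry views are read.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
)

$found = @()
foreach ($root in $roots) {
    # Wow6432Node does not exist on 32-bit Windows
    if (-not (Test-Path $root)) { continue }

    $view = '64-bit'
    if ($root -like '*Wow6432Node*') { $view = '32-bit' }

    foreach ($key in Get-ChildItem $root) {
        $p = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
        if (-not $p -or -not $p.DisplayName) { continue }

        # Keep runtime entries only; the updater and JavaFX are separate products
        if ($p.DisplayName -match '^(Java|J2SE)' -and
            $p.DisplayName -notmatch 'Auto Updater|^JavaFX') {
            $found += New-Object PSObject -Property @{
                Name    = $p.DisplayName
                Version = $p.DisplayVersion
                View    = $view
            }
        }
    }
}

$found | Sort-Object Name | Format-Table Name, Version, View -AutoSize

# More than one distinct version means an older runtime is still installed
$versions = @($found | Select-Object -ExpandProperty Version -Unique)
if ($versions.Count -gt 1) {
    Write-Warning "More than one Java version is installed: $($versions -join ', ')"
}
```

Run it from a 64-bit PowerShell prompt; a 32-bit prompt on 64-bit Windows is redirected to the 32-bit registry view for both paths.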


#8 mizsam

Posted 11 November 2012 - 08:36 PM

i downloaded the latest java i removed the older version then tried to sign into ebay and i still had the old problem with the ads popping up and unable to sign into my account. the background on my desktop keeps changing pics every few minutes.

#9 Jacee

Posted 11 November 2012 - 10:28 PM

Okay, download TFC by Old Timer http://www.geekstogo...er-file187.html and save it to your desktop.

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Next, download http://www.ie7pro.com/ ... be very careful once again to uncheck and not include any bundled add-ons with this program!!

Once done, please download DDS from one of these links:
DDS.com
DDS.pif
  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
No need for that though ..... just post its contents as you would any other log.

MS - MVP Consumer Security 2006 thru 2014


#10 mizsam

Posted 11 November 2012 - 11:56 PM

I am over at a friend's house at this moment, I downloaded the TFC as you told me to do, the program stopped responding, I lost all of my desktop icons and the icons near the clock, I am unable to shut down my computer and I am left with a very huge background picture of a boardwalk. Should I manually reboot and try the download again? Thank you.

#11 mizsam

Posted 12 November 2012 - 04:01 AM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 1/15/2011 4:39:34 AM
System Uptime: 11/12/2012 1:05:05 AM (0 hours ago)
.
Motherboard: FOXCONN | | 2AB7
Processor: AMD Athlon™ II 170u Processor | CPU 1 | 2000/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 454 GiB total, 414.103 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.45 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer:
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
RP248: 10/16/2012 4:59:03 PM - Windows Update
RP249: 10/18/2012 6:10:34 PM - Installed Java™ 6 Update 37
RP250: 10/24/2012 8:20:37 PM - Windows Update
RP251: 10/30/2012 4:26:39 PM - Windows Update
RP252: 11/2/2012 6:15:19 PM - Windows Update
RP253: 11/5/2012 4:25:49 PM - HPSF Restore Point
RP254: 11/5/2012 5:52:25 PM - HPSF Restore Point
RP255: 11/6/2012 10:07:24 AM - Windows Update
RP256: 11/8/2012 2:37:55 PM - Removed IObit Toolbar v4.7.
RP257: 11/8/2012 4:08:17 PM - Restore Operation
RP258: 11/8/2012 4:18:00 PM - Windows Update
RP259: 11/11/2012 8:05:59 PM - Removed Java™ 6 Update 22
RP260: 11/11/2012 8:07:35 PM - Removed Java™ 6 Update 37
RP261: 11/11/2012 8:21:39 PM - Installed Java 7 Update 9
.
==== Installed Programs ======================
.
123 Free Solitaire 2009 v7.2
Ad-Aware Security Add-on
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Advanced SystemCare 4
ArcSoft Panorama Maker 5
ASPCA Tri Reminder by We-Care.com
ATI Catalyst Install Manager
Auslogics Registry Cleaner
avast! Free Antivirus
Babylon toolbar
Bejeweled 3
Bing Bar
Bing Rewards Client Installer
Blio
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Clip Art Collection
Compaq Setup Manager
Coupon Printer for Windows
CyberLink DVD Suite Deluxe
D3DX10
Express Burn
EZ Cards Creator
Farm Frenzy
FATE
File Uploader
Final Drive Nitro
GamesBar 2.0.1.73
Google Chrome
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Games
HP MovieStore
HP Odometer
HP Product Detection
HP Setup
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
I SPY Mystery
I SPY Spooky Mansion
I SPY Treasure Hunt
IE7Pro
IObit Malware Fighter
IObit Toolbar v4.7
Java 7 Update 9
Java Auto Updater
Jewel Keepers: Easter Island
Jewel Quest Solitaire 2
Junk Mail filter update
Kobo
LabelPrint
LightScribe System Software
Malwarebytes Anti-Malware version 1.65.0.1400
McAfee Security Scan Plus
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - The London Caper
Nikon Message Center
Nikon Transfer
OpenOffice.org 3.3
ParetoLogic Data Recovery
PC Optimizer Pro
PDF Complete Special Edition
Penguins!
PhotoNow!
PhotoPad Image Editor
Picture Control Utility
PictureMover
Pixillion Image Converter
Plants vs. Zombies
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PressReader
ProgSense
Protected Folder
QuickTime
Realtek High Definition Audio Driver
Recovery Manager
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
ShopAtHome.com Toolbar
SLOW-PCfighter
Smile Desktop version 1.0.8.286
Strongvault Online Backup
SUPERAntiSpyware
Swiki version 1.0
Swiki_IE
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
ViewNX
Virtual Families
Virtual Villagers 4 - The Tree of Life
WildTangent Games
WildTangent Games App
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinMaximizer 1.2.86
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
11/9/2012 1:10:33 AM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
11/8/2012 4:19:35 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.139.1429.0).
11/8/2012 4:04:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
11/8/2012 4:04:11 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
11/8/2012 4:04:09 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.
11/8/2012 3:35:48 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/8/2012 3:35:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/8/2012 3:35:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/8/2012 3:35:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/8/2012 3:35:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/8/2012 3:35:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/8/2012 3:35:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/8/2012 3:35:31 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL SBRE spldr tdx Wanarpv6 WfpLwf
11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.
11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/8/2012 2:53:20 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
11/8/2012 2:53:19 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023781.
11/8/2012 2:53:19 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.
11/8/2012 2:53:19 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x8007045B.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
11/8/2012 2:53:18 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: A system shutdown is in progress.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Diagnostic System Host service failed to start due to the following error: A system shutdown is in progress.
11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.
11/8/2012 2:53:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/8/2012 2:52:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
11/8/2012 2:52:14 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/8/2012 11:08:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/12/2012 1:07:01 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
11/12/2012 1:05:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IMF Service service to connect.
11/12/2012 1:05:45 AM, Error: Service Control Manager [7000] - The IMF Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 7:59:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/11/2012 11:52:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the System Event Notification Service service to connect.
11/11/2012 11:52:45 PM, Error: Service Control Manager [7000] - The System Event Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:52:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Management Instrumentation service to connect.
11/11/2012 11:51:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Server service to connect.
11/11/2012 11:51:45 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:51:45 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:51:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Group Policy Client service to connect.
11/11/2012 11:51:15 PM, Error: Service Control Manager [7000] - The Group Policy Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:50:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IKE and AuthIP IPsec Keying Modules service to connect.
11/11/2012 11:50:45 PM, Error: Service Control Manager [7000] - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:50:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Profile Service service to connect.
11/11/2012 11:50:15 PM, Error: Service Control Manager [7000] - The User Profile Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:49:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Task Scheduler service to connect.
11/11/2012 11:49:45 PM, Error: Service Control Manager [7000] - The Task Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:49:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Shell Hardware Detection service to connect.
11/11/2012 11:48:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Themes service to connect.
11/11/2012 11:48:45 PM, Error: Service Control Manager [7000] - The Themes service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:48:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.
11/11/2012 11:48:15 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:47:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Experience service to connect.
11/11/2012 11:47:45 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:47:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Background Intelligent Transfer Service service to connect.
11/11/2012 11:47:15 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/11/2012 11:03:16 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
11/11/2012 11:00:34 PM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.
11/11/2012 10:57:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
11/11/2012 10:57:58 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/11/2012 10:57:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.
11/11/2012 10:57:27 PM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2
Run by Lynda at 1:33:17 on 2012-11-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1791.629 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32svchost.exe -k RPCSS
C:Windowssystem32atiesrxx.exe
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k NetworkService
C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
C:Windowssystem32atieclxx.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:WindowsSystem32spoolsv.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Program FilesSUPERAntiSpywareSASCORE64.EXE
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe
C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe
C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe
C:Windowssystem32taskeng.exe
C:Program Files (x86)IObitAdvanced SystemCare 4PMonitor.exe
C:Program Files (x86)OpenOffice.org 3programsoffice.exe
C:Program Files (x86)WebshotsSmile DesktopSmile.exe
C:Program Files (x86)OpenOffice.org 3programsoffice.bin
C:Program Files (x86)HpHP Software Updatehpwuschd2.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation
C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinArcCon.ac
C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe
c:Program Files (x86)Common FilesLightScribeLSSrvc.exe
C:Program Files (x86)PDF Completepdfsvc.exe
C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe
C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE
c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe
C:Windowssystem32SearchIndexer.exe
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Program FilesWindows Media Playerwmpnetwk.exe
C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe
C:WindowsSystem32svchost.exe -k LocalServicePeerNet
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32MacromedFlashFlashUtil64_11_5_502_110_ActiveX.exe
C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe
C:WindowsSystem32svchost.exe -k secsvcs
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32msiexec.exe
C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe
C:Program Files (x86)ProgSenseProgSense.exe
C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.exe
C:Program Files (x86)Strongvault Online BackupSMessenger.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32taskeng.exe
C:Windowssystem32wbemwmiprvse.exe
C:WindowsSystem32cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=112670&tt=4612_1&babsrc=HP_sst&mntrId=3062618800000000000064315025b168
uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
dURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
mWinlogon: Userinit = userinit.exe,
BHO: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProIEPro.dll
BHO: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8bhBabylonToolbar.dll
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
BHO: Swiki_IE: {A2B6C1C5-ACDE-415E-A965-9FCB42E95952} - C:Program Files (x86)Swiki_IEScriptHost.dll
BHO: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} -
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.391.0BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll
TB: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8BabylonToolbarTlbr.dll
uRun: [SearchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe
uRun: [Advanced SystemCare 4] C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe
uRun: [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
uRun: [Messenger] "C:Program Files (x86)Strongvault Online BackupSMessenger.exe"
mRun: [StartCCC] "c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
mRun: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
mRun: [PDF Complete] C:Program Files (x86)PDF Completepdfsty.exe
mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"
mRun: [avast] "C:Program FilesAlwil SoftwareAvast5avastUI.exe" /nogui
mRun: [Ad-Aware Browsing Protection] "C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe"
mRun: [ArcSoft Connection Service] C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"
mRun: [SMessaging] C:UsersLyndaAppDataLocalStrongvault Online BackupSMessaging.exe
StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupOPENOF~1.LNK - C:Program Files (x86)OpenOffice.org 3programquickstart.exe
StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupPROGSE~1.LNK - C:Program Files (x86)ProgSenseprogsense.exe
StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupSMILED~1.LNK - C:Program Files (x86)WebshotsSmile DesktopSmile.exe
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupMCAFEE~1.LNK - C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSNAPFI~1.LNK - C:Program Files (x86)PictureMoverBinPictureMover.exe
StartupFolder: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupStrongVaultApp.exe
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSTRONG~1.LNK - C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - C:Program Files (x86)IEProIEPro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - C:Program Files (x86)IEProIEPro.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces{3FF978B7-1DFD-4F78-B3F3-1EAA07EEA91E} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll
x64-Run: [hpsysdrv] c:program files (x86)hewlett-packardHP odometerhpsysdrv.exe
x64-Run: [PC Optimizer Pro] "C:Program FilesPC Optimizer ProStartApps.exe" "C:Program FilesPC Optimizer ProPCOptimizerPro.exe -w31"
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:WindowsSystem32driversamd_sata.sys [2010-10-26 75904]
R0 amd_xata;amd_xata;C:WindowsSystem32driversamd_xata.sys [2010-10-26 38016]
R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2011-6-5 984144]
R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2011-1-15 370288]
R1 SASDIFSV;SASDIFSV;C:Program FilesSUPERAntiSpywaresasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:Program FilesSUPERAntiSpywaresaskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:Program FilesSUPERAntiSpywareSASCore64.exe [2012-7-11 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe [2011-7-24 353168]
R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2010-10-26 203264]
R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2011-1-15 25232]
R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2011-1-15 71600]
R2 avast! Antivirus;avast! Antivirus;C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2012-11-9 44808]
R2 cvhsvc;Client Virtualization Handler;C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe [2011-9-9 86072]
R2 HPClientSvc;HP Client Services;C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe [2011-3-28 94264]
R2 pdfcDispatcher;PDF Document Manager;C:Program Files (x86)PDF Completepdfsvc.exe [2010-10-26 1119768]
R2 PfFilter;PfFilter;C:Program Files (x86)IObitProtected Folderpffilter.sys [2011-7-24 36792]
R2 RoxioNow Service;RoxioNow Service;C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe [2010-9-11 399344]
R2 sftlist;Application Virtualization Client;C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe [2011-10-1 508776]
R3 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.EXE [2012-6-11 240208]
R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2010-10-26 349800]
R3 Sftfs;Sftfs;C:WindowsSystem32driversSftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:WindowsSystem32driversSftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:WindowsSystem32driversSftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:WindowsSystem32driversSftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:WindowsSystem32driversusbfilter.sys [2010-10-26 38456]
S2 BBSvc;BingBar Service;C:Program Files (x86)MicrosoftBingBar7.1.391.0BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]
S2 IMFservice;IMF Service;C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe [2011-7-24 820568]
S3 FileMonitor;FileMonitor;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64FileMonitor.sys [2011-10-14 20336]
S3 GamesAppService;GamesAppService; [x]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:Program Files (x86)McAfee Security Scan2.1.121McCHSvc.exe [2010-9-3 227232]
S3 RegFilter;RegFilter;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64RegFilter.sys [2011-10-14 33184]
S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2011-7-7 59392]
S3 UrlFilter;UrlFilter;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64UrlFilter.sys [2011-10-14 21872]
S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2011-1-16 1255736]
.
=============== Created Last 30 ================
.
2012-11-12 06:23:36 -------- d-----w- C:Program Files (x86)BabylonToolbar
2012-11-12 06:23:09 -------- d-----w- C:UsersLyndaAppDataRoamingBabylon
2012-11-12 06:23:09 -------- d-----w- C:ProgramDataBabylon
2012-11-12 06:14:55 -------- d-----w- C:UsersLyndaAppDataRoamingProgSense
2012-11-12 06:14:47 -------- d-----w- C:UsersLyndaAppDataRoamingStrongvault
2012-11-12 06:14:47 -------- d-----w- C:Program Files (x86)ProgSense
2012-11-12 06:14:23 -------- d-----w- C:UsersLyndaAppDataRoamingGrabPro
2012-11-12 06:14:23 -------- d-----w- C:downloads
2012-11-12 06:14:19 -------- d-----w- C:Program Files (x86)Common FilesMSSoap
2012-11-12 06:14:18 -------- d-----w- C:Program Files (x86)IEPro
2012-11-12 06:14:12 -------- d-----w- C:UsersLyndaAppDataLocalStrongvault Online Backup
2012-11-12 06:14:06 -------- d-----w- C:UsersLyndaAppDataLocalStronghold_LLC
2012-11-12 06:13:56 -------- d-sh--w- C:WindowsSysWow64AI_RecycleBin
2012-11-12 06:13:46 -------- d-----w- C:UsersLyndaAppDataLocalStrongVault
2012-11-12 06:13:46 -------- d-----w- C:ProgramDataStrongvault Online Backup
2012-11-12 06:13:46 -------- d-----w- C:Program Files (x86)Strongvault Online Backup
2012-11-12 03:24:50 69000 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{762C3544-18F0-46D2-9150-E9EFF9B67994}offreg.dll
2012-11-12 01:22:33 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll
2012-11-11 11:52:15 -------- d-----w- C:ProgramDataSUPERSetup
2012-11-09 20:45:12 -------- d-----w- C:UsersLyndaAppDataLocalCrashRpt
2012-11-09 20:44:49 -------- d-----w- C:Program Files (x86)Webshots
2012-11-09 20:09:27 9291768 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{762C3544-18F0-46D2-9150-E9EFF9B67994}mpengine.dll
2012-11-09 04:24:55 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe
2012-11-08 13:47:33 -------- d-----w- C:UsersLyndaAppDataRoamingPC Cleaners
2012-11-08 13:47:07 -------- d-----w- C:UsersLyndaAppDataRoamingPCPro
2012-11-08 13:47:07 -------- d-----w- C:ProgramDataPC1Data
2012-11-08 04:57:39 -------- d-----w- C:UsersLyndaAppDataLocalDeployment
2012-11-08 04:57:39 -------- d-----w- C:UsersLyndaAppDataLocalApps
2012-11-06 05:28:15 -------- d-----w- C:ProgramDataSpybot - Search & Destroy
2012-11-06 05:27:37 -------- d-----w- C:Program Files (x86)Spybot - Search & Destroy 2
2012-11-05 15:14:04 -------- d-----w- C:UsersLyndaAppDataRoamingNCH Software
2012-11-05 06:09:40 -------- d-----w- C:ProgramDataSUPERAntiSpyware.com
2012-11-05 06:09:40 -------- d-----w- C:Program FilesSUPERAntiSpyware
2012-11-02 04:34:12 -------- d-----w- C:UsersLyndaAppDataRoamingSUPERAntiSpyware.com
2012-10-23 05:13:59 -------- d-----w- C:Program Files (x86)EZ Cards Creator
2012-10-23 05:06:13 -------- d-----w- C:Program Files (x86)SaveValet
2012-10-23 05:06:12 -------- d-----w- C:Program Files (x86)Swiki_IE
2012-10-23 05:06:02 -------- d-----w- C:Program FilesPC Optimizer Pro
2012-10-23 05:05:50 -------- d-----w- C:WindowsSChecker
2012-10-23 05:05:49 -------- d-----w- C:Program Files (x86)SwikiIE
2012-10-23 05:05:49 -------- d-----w- C:Program Files (x86)Swiki
2012-10-22 15:17:44 -------- d-----w- C:UsersLyndaAppDataLocalApple Computer
2012-10-20 04:17:53 8795216 ----a-w- C:ProgramDataMicrosoftBingBarBBSvc7.1.391.0oemBingBarSetup-Partner.EXE
.
==================== Find3M ====================
.
2012-11-12 01:22:16 821736 ----a-w- C:WindowsSysWow64npdeployJava1.dll
2012-11-12 01:22:16 746984 ----a-w- C:WindowsSysWow64deployJava1.dll
2012-11-09 04:24:55 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl
2012-10-30 23:51:55 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys
2012-10-30 23:51:55 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys
2012-10-30 23:51:07 41224 ----a-w- C:WindowsavastSS.scr
2012-10-15 16:59:28 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys
2012-09-14 19:19:29 2048 ----a-w- C:WindowsSystem32tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:WindowsSysWow64tzres.dll
2012-09-07 21:04:46 25928 ----a-w- C:WindowsSystem32driversmbam.sys
2012-08-31 18:19:35 1659760 ----a-w- C:WindowsSystem32driversntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:WindowsSystem32ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:WindowsSysWow64ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:WindowsSysWow64ntoskrnl.exe
2012-08-24 18:05:07 220160 ----a-w- C:WindowsSystem32wintrust.dll
2012-08-24 18:05:06 1188864 ----a-w- C:WindowsSystem32wininet.dll
2012-08-24 16:57:48 981504 ----a-w- C:WindowsSysWow64wininet.dll
2012-08-24 16:57:48 172544 ----a-w- C:WindowsSysWow64wintrust.dll
2012-08-24 15:59:30 1638912 ----a-w- C:WindowsSystem32mshtml.tlb
2012-08-24 15:20:39 1638912 ----a-w- C:WindowsSysWow64mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:WindowsSystem32driverstcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:WindowsSystem32driversndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:WindowsSystem32driversnetio.sys
2012-08-22 18:12:33 288624 ----a-w- C:WindowsSystem32driversFWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:WindowsSystem32OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:WindowsSystem32wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:WindowsSystem32wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:WindowsSystem32wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:WindowsSystem32winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:WindowsSystem32ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:WindowsSystem32KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:WindowsSystem32conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:Windowsapppatchacwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:WindowsSysWow64setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:WindowsSysWow64wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:WindowsSysWow64KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:WindowsSysWow64instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:WindowsSysWow64user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 1:34:43.59 ===============

[b]DDS (Ver_2012-11-07.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2
Run by Lynda at 1:33:17 on 2012-11-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1791.629 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Windowssystem32svchost.exe -k RPCSS
C:Windowssystem32atiesrxx.exe
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k LocalService
C:Windowssystem32svchost.exe -k NetworkService
C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
C:Windowssystem32atieclxx.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:WindowsSystem32spoolsv.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Program FilesSUPERAntiSpywareSASCORE64.EXE
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe
C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe
C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe
C:Windowssystem32taskeng.exe
C:Program Files (x86)IObitAdvanced SystemCare 4PMonitor.exe
C:Program Files (x86)OpenOffice.org 3programsoffice.exe
C:Program Files (x86)WebshotsSmile DesktopSmile.exe
C:Program Files (x86)OpenOffice.org 3programsoffice.bin
C:Program Files (x86)HpHP Software Updatehpwuschd2.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation
C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinArcCon.ac
C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe
c:Program Files (x86)Common FilesLightScribeLSSrvc.exe
C:Program Files (x86)PDF Completepdfsvc.exe
C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe
C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe
C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE
c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe
C:Windowssystem32SearchIndexer.exe
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Program FilesWindows Media Playerwmpnetwk.exe
C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe
C:WindowsSystem32svchost.exe -k LocalServicePeerNet
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32MacromedFlashFlashUtil64_11_5_502_110_ActiveX.exe
C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe
C:WindowsSystem32svchost.exe -k secsvcs
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32msiexec.exe
C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe
C:Program Files (x86)ProgSenseProgSense.exe
C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.exe
C:Program Files (x86)Strongvault Online BackupSMessenger.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32taskhost.exe
C:Windowssystem32taskeng.exe
C:Windowssystem32wbemwmiprvse.exe
C:WindowsSystem32cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=112670&tt=4612_1&babsrc=HP_sst&mntrId=3062618800000000000064315025b168
uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
dURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
mWinlogon: Userinit = userinit.exe,
BHO: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProIEPro.dll
BHO: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8bhBabylonToolbar.dll
BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
BHO: Swiki_IE: {A2B6C1C5-ACDE-415E-A965-9FCB42E95952} - C:Program Files (x86)Swiki_IEScriptHost.dll
BHO: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} -
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.391.0BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll
TB: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8BabylonToolbarTlbr.dll
uRun: [SearchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe
uRun: [Advanced SystemCare 4] C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe
uRun: [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
uRun: [Messenger] "C:Program Files (x86)Strongvault Online BackupSMessenger.exe"
mRun: [StartCCC] "c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
mRun: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
mRun: [PDF Complete] C:Program Files (x86)PDF Completepdfsty.exe
mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"
mRun: [avast] "C:Program FilesAlwil SoftwareAvast5avastUI.exe" /nogui
mRun: [Ad-Aware Browsing Protection] "C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe"
mRun: [ArcSoft Connection Service] C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"
mRun: [SMessaging] C:UsersLyndaAppDataLocalStrongvault Online BackupSMessaging.exe
StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupOPENOF~1.LNK - C:Program Files (x86)OpenOffice.org 3programquickstart.exe
StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupPROGSE~1.LNK - C:Program Files (x86)ProgSenseprogsense.exe
StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupSMILED~1.LNK - C:Program Files (x86)WebshotsSmile DesktopSmile.exe
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupMCAFEE~1.LNK - C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSNAPFI~1.LNK - C:Program Files (x86)PictureMoverBinPictureMover.exe
StartupFolder: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupStrongVaultApp.exe
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSTRONG~1.LNK - C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - C:Program Files (x86)IEProIEPro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - C:Program Files (x86)IEProIEPro.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces{3FF978B7-1DFD-4F78-B3F3-1EAA07EEA91E} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll
x64-Run: [hpsysdrv] c:program files (x86)hewlett-packardHP odometerhpsysdrv.exe
x64-Run: [PC Optimizer Pro] "C:Program FilesPC Optimizer ProStartApps.exe" "C:Program FilesPC Optimizer ProPCOptimizerPro.exe -w31"
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:WindowsSystem32driversamd_sata.sys [2010-10-26 75904]
R0 amd_xata;amd_xata;C:WindowsSystem32driversamd_xata.sys [2010-10-26 38016]
R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2011-6-5 984144]
R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2011-1-15 370288]
R1 SASDIFSV;SASDIFSV;C:Program FilesSUPERAntiSpywaresasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:Program FilesSUPERAntiSpywaresaskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:Program FilesSUPERAntiSpywareSASCore64.exe [2012-7-11 140672]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe [2011-7-24 353168]
R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2010-10-26 203264]
R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2011-1-15 25232]
R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2011-1-15 71600]
R2 avast! Antivirus;avast! Antivirus;C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2012-11-9 44808]
R2 cvhsvc;Client Virtualization Handler;C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE [2012-1-4 822624]
R2 HP Support

#12 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 12 November 2012 - 12:43 PM

I am over at a friend's house at this moment, I downloaded the TFC as you told me to do, the program stopped responding, I lost all of my desktop icons and the icons near the clock, I am unable to shut down my computer and I am left with a very huge background picture of a boardwalk. Should I manually reboot and try the download again? Thank you.

You will see in my instructions using TFC, that everything on your desktop will disappear!

TFC will close ALL open programs including your browser!

You will also need to let it run. At times, you may be thinking that it's stopped working ... be patient. When it's done, it will show you a message. You can reboot then.



#13 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 12 November 2012 - 01:13 PM

You have several programs and browser tool bars that are no good! Please click on Control Panel, then Programs and Features....

Uninstall ALL of these unwanted items:
Babylon toolbar
Bing Bar
Bing Rewards Client Installer
GamesBar 2.0.1.73
IObit Malware Fighter
IObit Toolbar v4.7
PC Optimizer Pro
ShopAtHome.com Toolbar


Let me know if you're still being redirected.



#14 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 12 November 2012 - 05:07 PM

I couldn't find Bing Rewards or ShopAtHome to remove them. IObit Malware Fighter had a file missing so that didn't get removed. I tried going into eBay and behold I did not have the previous problem. I was able to sign in and navigate the site correctly. Does this mean I'm good to go and the problem is solved? Also, should I have 2 anti-virus programs running at the same time? If not, which should I keep? McAfee or Avast? Thank you so much.


#15 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 12 November 2012 - 05:30 PM

No, you don't want two Anti-virus programs running at the same time! Please read this article on 'how' to uninstall McAfee:
http://www.myfixes.com/articles/mcrem

After you've done that, please download HiJackThis! from http://www.filehippo...oad_hijackthis/ to your Downloads folder. Right click on it and choose to run as Administrator. Next click 'Do a System Scan and Save logfile'.
The HJT log will open in notepad.

Copy and paste the contents of the HJT log in your next reply.



#16 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 12 November 2012 - 07:43 PM

I tried going into tinyurl.com to manually remove McAfee but could not get into that site. Message was sorry this page cannot be displayed. I then tried to go into my mail and Yahoo had me sign in again and put all these security codes. Is this now compromised?

#17 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 12 November 2012 - 09:40 PM

You're still being redirected ... tinyurl.com is not the address I linked you to!

Did you, by chance, do a system restore when you thought TFC borked your computer?

You need to follow my specific instructions, or I can't help you or what your computer does. Do you follow me on this?



#18 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 12 November 2012 - 10:08 PM

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:03:54 PM, on 11/12/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe
C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe
C:Program Files (x86)Strongvault Online BackupSMessenger.exe
C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupStrongVaultApp.exe
C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe
C:Program Files (x86)OpenOffice.org 3programsoffice.exe
C:Program Files (x86)ProgSenseprogsense.exe
C:Program Files (x86)OpenOffice.org 3programsoffice.bin
C:Program Files (x86)HpHP Software Updatehpwuschd2.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
C:Program Files (x86)Common FilesArcSoftConnection ServiceBinArcCon.ac
C:Program Files (x86)Trend MicroHiJackThisHiJackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/CQDSK/1
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/?ilc=31
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/CQDSK/1
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://g.msn.com/CQDSK/1
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProiepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:UsersLyndaAppDataRoamingDefaultTabDefaultTabDefaultTabBHO.dll (file missing)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Swiki_IE - {A2B6C1C5-ACDE-415E-A965-9FCB42E95952} - C:Program Files (x86)Swiki_IEScriptHost.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:Program Files (x86)GamesBar2.0.1.73oberontb.dll (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll
O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll
O4 - HKLM..Run: [StartCCC] "c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKLM..Run: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [PDF Complete] C:Program Files (x86)PDF Completepdfsty.exe
O4 - HKLM..Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"
O4 - HKLM..Run: [avast] "C:Program FilesAlwil SoftwareAvast5avastUI.exe" /nogui
O4 - HKLM..Run: [Ad-Aware Browsing Protection] "C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe"
O4 - HKLM..Run: [ArcSoft Connection Service] C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"
O4 - HKLM..Run: [SMessaging] C:UsersLyndaAppDataLocalStrongvault Online BackupSMessaging.exe
O4 - HKCU..Run: [SearchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe
O4 - HKCU..Run: [Advanced SystemCare 4] C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe
O4 - HKCU..Run: [SUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
O4 - HKCU..Run: [Messenger] "C:Program Files (x86)Strongvault Online BackupSMessenger.exe"
O4 - Startup: OpenOffice.org 3.3.lnk = C:Program Files (x86)OpenOffice.org 3programquickstart.exe
O4 - Startup: ProgSense.lnk = C:Program Files (x86)ProgSenseprogsense.exe
O4 - Global Startup: Snapfish PictureMover.lnk = C:Program Files (x86)PictureMoverBinPictureMover.exe
O4 - Global Startup: StrongVaultApp.exe
O4 - Global Startup: StrongVaultApp.exe.lnk = LyndaAppDataLocalStrongVaultStrongVaultApp.exe
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program Files (x86)IEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program Files (x86)IEProiepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program Files (x86)IEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program Files (x86)IEProiepro.dll
O9 - Extra button: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll
O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:Program FilesSUPERAntiSpywareSASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe
O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:Windowssystem32atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WindowsSystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:Windowssystem32fxssvc.exe (file missing)
O23 - Service: GamesAppService - Unknown owner - (no file)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: IMF Service (IMFservice) - Unknown owner - C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program Files (x86)Common FilesLightScribeLSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:Program Files (x86)PDF Completepdfsvc.exe
O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: RoxioNow Service - Roxio - C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe
O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)
O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:Windowssystem32sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:Windowssystem32lsass.exe (file missing)
O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)
O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)
O23 - Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:Windowssystem32WatWatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing)
O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
--
End of file - 12527 bytes

This is the log from Hijack. Tinyurl was in the instructions to get rid of McAfee in my fixes. I am really trying to do exactly what you are telling me to do. I'm sorry I am upsetting you. I don't want to do that as I appreciate all of your time and help.
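A triage pass over the HijackThis log in post #18, added here as an example and not part of any forum post or of HijackThis itself: it flags entries that still reference programs from the uninstall list in post #13 and separates genuinely orphaned entries from the "(file missing)" lines under the Windows system directory. The keyword list, function names and verdict labels are assumptions of this example; the system-directory rule is a heuristic based on 32-bit HijackThis being subject to file system redirection on 64-bit Windows.

```python
import re

# Product names from the uninstall list in post #13, reduced to keywords.
# The keyword forms are this example's own choice, not the helper's.
UNWANTED = ["babylon", "bing bar", "gamesbar", "iobit malware fighter",
            "iobit toolbar", "pc optimizer pro", "shopathome"]

# A HijackThis entry starts with a section code such as R1, F2, O2 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d+) - (?P<body>.+)$")
# Matches with or without backslashes, because the pasted log lost them.
SYSTEM_DIR_RE = re.compile(r"c:\\?windows\\?(system32|syswow64)", re.IGNORECASE)

# Constructed sample: eight lines copied from the log in post #18.
SAMPLE_LOG = """\
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProiepro.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:UsersLyndaAppDataRoamingDefaultTabDefaultTabDefaultTabBHO.dll (file missing)
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:Program Files (x86)GamesBar2.0.1.73oberontb.dll (file missing)
O4 - HKCU..Run: [SearchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O23 - Service: GamesAppService - Unknown owner - (no file)
O23 - Service: IMF Service (IMFservice) - Unknown owner - C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe (file missing)
O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)
"""


def squash(text):
    """Lowercase and keep only letters and digits, so 'GamesBar2.0.1.73'
    and 'Games Bar' compare equal to the keyword 'gamesbar'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def classify(line):
    """Return (code, verdict, body) for a noteworthy entry, else None."""
    match = ENTRY_RE.match(line.strip())
    if match is None:
        return None  # header line, process list entry, blank line
    code, body = match.group("code"), match.group("body")
    flat = squash(body)
    # 1. Still references a program that was supposed to be uninstalled.
    if any(squash(name) in flat for name in UNWANTED):
        return (code, "leftover", body)
    # 2. Registry entry whose target file is gone.
    if body.endswith(("(file missing)", "(no file)")):
        # Heuristic: a "missing" file under the system directory is more
        # likely a redirection artifact than a real orphan; verify on disk.
        if SYSTEM_DIR_RE.search(body):
            return (code, "redirection-artifact", body)
        return (code, "orphaned", body)
    return None


def triage(log_text):
    """Classify every line and keep only the noteworthy entries."""
    findings = [classify(line) for line in log_text.splitlines()]
    return [finding for finding in findings if finding is not None]


def summarize(log_text):
    """Group the section codes of the findings by verdict."""
    summary = {}
    for code, verdict, _body in triage(log_text):
        summary.setdefault(verdict, []).append(code)
    return summary


if __name__ == "__main__":
    for code, verdict, body in triage(SAMPLE_LOG):
        print(f"{verdict:22} {code:4} {body}")
```
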

#19 mizsam

mizsam

    Member

  • Members
  • 61 posts

Posted 12 November 2012 - 10:11 PM

P.S. I didn't do a system restore. Should I try that? I did do a system restore about 4 days ago but it didn't fix the problem.

#20 Jacee

Jacee

    Madam Admin <aka> Maude

  • Admins
  • 27,826 posts
  • Gender:Female


Posted 12 November 2012 - 11:01 PM

No! Please don't do a system restore :)

Please follow these instructions exactly!!

Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with background protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
ComboFix.txt
***A guide and tutorial on "How to use Combofix" can be found here:
http://www.bleepingc...to-use-combofix

IF CF won't run:
During the download, rename Combofix.exe to sVchost.exe





