Jump to content
Sign in to follow this  
mizsam

my browser is being hijacked

Recommended Posts

i am running windows 7 and i use ie and google as my browsers. i think my browsers have been hijacked. i noticed that when i tried to go to ebay.com and sign in to my account i was unable to sign in and my browser was redirected to domainsa.com and i immediately started to get different advertisements. i have run mulwarebytes, iobit malware, avast anti-virus, super anti spyware and ibot search and destroy and during the scans a couple of trojans were found. i quaranteed them. i have uninstalled and reinstalled google chrome and i am still having the same issue. please help. i don't know what to do to fix this.

Share this post


Link to post
Share on other sites

Let's see if AdwCleaner works first to clean up the redirection:

 

Download AdWareCleaner http://www.bleepingcomputer.com/download/adwcleaner/ to your desktop

1.Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

2.Click on Delete button.

3.Confirm each time with OK.

4.Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:AdwCleaner[sn].txt as well - n is the order number.

Posted Image

Share this post


Link to post
Share on other sites

http://forums.pcpitstop.com/index.php?/topic/200278-my-browser-is-being-hijacked/# AdwCleaner v2.007 - Logfile created 11/11/2012 at 06:59:50

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Lynda - LYNDA-HP

# Boot Mode : Normal

# Running from : C:\Users\Lynda\Downloads\AdwCleaner.exe

# Option [search]

 

 

***** [services] *****

 

Found : DefaultTabSearch

Found : DefaultTabUpdate

 

***** [Files / Folders] *****

 

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Found : C:\Users\Public\Desktop\eBay.lnk

File Found : C:\Windows\SysWOW64\conduitEngine.tmp

Folder Found : C:\Program Files (x86)\Application Updater

Folder Found : C:\Program Files (x86)\Common Files\spigot

Folder Found : C:\Program Files (x86)\Conduit

Folder Found : C:\Program Files (x86)\ConduitEngine

Folder Found : C:\Program Files (x86)\DefaultTab

Folder Found : C:\Program Files (x86)\GamesBar

Folder Found : C:\Program Files (x86)\IObitCom

Folder Found : C:\Program Files (x86)\Productivity_2.1

Folder Found : C:\Program Files (x86)\Yontoo

Folder Found : C:\ProgramData\blekko toolbars

Folder Found : C:\ProgramData\GamesBar

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\ProgramData\WeCareReminder

Folder Found : C:\Users\Lynda\AppData\Local\Conduit

Folder Found : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Folder Found : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

Folder Found : C:\Users\Lynda\AppData\LocalLow\Conduit

Folder Found : C:\Users\Lynda\AppData\LocalLow\ConduitEngine

Folder Found : C:\Users\Lynda\AppData\LocalLow\IObitCom

Folder Found : C:\Users\Lynda\AppData\LocalLow\PriceGong

Folder Found : C:\Users\Lynda\AppData\LocalLow\Productivity_2.1

Folder Found : C:\Users\Lynda\AppData\Roaming\DefaultTab

 

***** [Registry] *****

 

Key Found : HKCU\Software\AppDataLow\Software\Conduit

Key Found : HKCU\Software\AppDataLow\Software\conduitEngine

Key Found : HKCU\Software\AppDataLow\Software\conduitEngine

Key Found : HKCU\Software\AppDataLow\Software\DefaultTab

Key Found : HKCU\Software\AppDataLow\Software\IObitCom

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\Productivity_2.1

Key Found : HKCU\Software\AppDataLow\Software\Search Settings

Key Found : HKCU\Software\AppDataLow\Toolbar

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\DealRunner

Key Found : HKCU\Software\Default Tab

Key Found : HKCU\Software\DefaultTab

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKCU\Software\wecarereminder

Key Found : HKCU\Software\Zugo

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\Software\Application Updater

Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}

Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}

Key Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}

Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder

Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject

Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2384137

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2903600

Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject

Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\conduitEngine

Key Found : HKLM\Software\conduitEngine

Key Found : HKLM\Software\Default Tab

Key Found : HKLM\Software\DefaultTab

Key Found : HKLM\Software\Freeze.com

Key Found : HKLM\Software\IObitCom

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\Software\Productivity_2.1

Key Found : HKLM\Software\Search Settings

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DAC9A43-5E44-423F-A6BF-40E31AA842AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB47A994-096F-485A-A735-586D2A1E8CAE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC8680AA-35C2-4C67-BD6C-6117C0BF4393}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0F629A7-B31C-482B-8035-BA01E5BFFDAC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE42BF92-8AA9-4719-9F59-E503F29FCC14}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObitCom Toolbar

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_2.1 Toolbar

Key Found : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}

Key Found : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Found : HKLM\SOFTWARE\Tarma Installer

Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKU\S-1-5-21-1895111836-1248595627-1161135978-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKU\S-1-5-21-1895111836-1248595627-1161135978-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKU\S-1-5-21-1895111836-1248595627-1161135978-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v8.0.7601.17514

 

[OK] Registry is clean.

 

-\\ Google Chrome v [unable to get version]

 

File : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [13531 octets] - [11/11/2012 06:59:50]

 

########## EOF - C:\AdwCleaner[R1].txt - [13592 octets] ##########

 

 

 

http://forums.pcpitstop.com/index.php?/topic/200278-my-browser-is-being-hijacked/ Results of screen317's Security Check version 0.99.54

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 8 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Ad-Aware

I SPY Treasure Hunt

I SPY Mystery

Malwarebytes Anti-Malware version 1.65.0.1400

Auslogics Registry Cleaner

Java 6 Update 22

Java 6 Update 37

Java version out of Date!

Adobe Reader X (10.1.4)

Google Chrome 23.0.1271.64

````````Process Check: objlist.exe by Laurent````````

Ad-Aware AAWService.exe is disabled!

Ad-Aware AAWTray.exe is disabled!

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 4%

````````````````````End of Log``````````````````````

Share this post


Link to post
Share on other sites

http://forums.pcpitstop.com/index.php?/topic/200278-my-browser-is-being-hijacked/# AdwCleaner v2.007 - Logfile created 11/11/2012 at 06:59:50

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Lynda - LYNDA-HP

# Boot Mode : Normal

# Running from : C:\Users\Lynda\Downloads\AdwCleaner.exe

# Option [search]

 

 

***** [services] *****

 

Found : DefaultTabSearch

Found : DefaultTabUpdate

 

***** [Files / Folders] *****

 

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Found : C:\Users\Public\Desktop\eBay.lnk

File Found : C:\Windows\SysWOW64\conduitEngine.tmp

Folder Found : C:\Program Files (x86)\Application Updater

Folder Found : C:\Program Files (x86)\Common Files\spigot

Folder Found : C:\Program Files (x86)\Conduit

Folder Found : C:\Program Files (x86)\ConduitEngine

Folder Found : C:\Program Files (x86)\DefaultTab

Folder Found : C:\Program Files (x86)\GamesBar

Folder Found : C:\Program Files (x86)\IObitCom

Folder Found : C:\Program Files (x86)\Productivity_2.1

Folder Found : C:\Program Files (x86)\Yontoo

Folder Found : C:\ProgramData\blekko toolbars

Folder Found : C:\ProgramData\GamesBar

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\ProgramData\WeCareReminder

Folder Found : C:\Users\Lynda\AppData\Local\Conduit

Folder Found : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Folder Found : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

Folder Found : C:\Users\Lynda\AppData\LocalLow\Conduit

Folder Found : C:\Users\Lynda\AppData\LocalLow\ConduitEngine

Folder Found : C:\Users\Lynda\AppData\LocalLow\IObitCom

Folder Found : C:\Users\Lynda\AppData\LocalLow\PriceGong

Folder Found : C:\Users\Lynda\AppData\LocalLow\Productivity_2.1

Folder Found : C:\Users\Lynda\AppData\Roaming\DefaultTab

 

***** [Registry] *****

 

Key Found : HKCU\Software\AppDataLow\Software\Conduit

Key Found : HKCU\Software\AppDataLow\Software\conduitEngine

Key Found : HKCU\Software\AppDataLow\Software\conduitEngine

Key Found : HKCU\Software\AppDataLow\Software\DefaultTab

Key Found : HKCU\Software\AppDataLow\Software\IObitCom

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\Productivity_2.1

Key Found : HKCU\Software\AppDataLow\Software\Search Settings

Key Found : HKCU\Software\AppDataLow\Toolbar

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\DealRunner

Key Found : HKCU\Software\Default Tab

Key Found : HKCU\Software\DefaultTab

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKCU\Software\wecarereminder

Key Found : HKCU\Software\Zugo

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\Software\Application Updater

Key Found : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}

Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}

Key Found : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}

Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder

Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject

Key Found : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2384137

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2903600

Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject

Key Found : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\conduitEngine

Key Found : HKLM\Software\conduitEngine

Key Found : HKLM\Software\Default Tab

Key Found : HKLM\Software\DefaultTab

Key Found : HKLM\Software\Freeze.com

Key Found : HKLM\Software\IObitCom

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\Software\Productivity_2.1

Key Found : HKLM\Software\Search Settings

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DAC9A43-5E44-423F-A6BF-40E31AA842AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB47A994-096F-485A-A735-586D2A1E8CAE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC8680AA-35C2-4C67-BD6C-6117C0BF4393}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0F629A7-B31C-482B-8035-BA01E5BFFDAC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE42BF92-8AA9-4719-9F59-E503F29FCC14}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab Chrome

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObitCom Toolbar

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Productivity_2.1 Toolbar

Key Found : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}

Key Found : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Found : HKLM\SOFTWARE\Tarma Installer

Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKU\S-1-5-21-1895111836-1248595627-1161135978-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKU\S-1-5-21-1895111836-1248595627-1161135978-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Found : HKU\S-1-5-21-1895111836-1248595627-1161135978-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v8.0.7601.17514

 

[OK] Registry is clean.

 

-\\ Google Chrome v [unable to get version]

 

File : C:\Users\Lynda\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [13531 octets] - [11/11/2012 06:59:50]

 

########## EOF - C:\AdwCleaner[R1].txt - [13592 octets] ##########

 

 

 

http://forums.pcpitstop.com/index.php?/topic/200278-my-browser-is-being-hijacked/ Results of screen317's Security Check version 0.99.54

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 8 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

avast! Antivirus

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Ad-Aware

I SPY Treasure Hunt

I SPY Mystery

Malwarebytes Anti-Malware version 1.65.0.1400

Auslogics Registry Cleaner

Java 6 Update 22

Java 6 Update 37

Java version out of Date!

Adobe Reader X (10.1.4)

Google Chrome 23.0.1271.64

````````Process Check: objlist.exe by Laurent````````

Ad-Aware AAWService.exe is disabled!

Ad-Aware AAWTray.exe is disabled!

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 AvastUI.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 4%

````````````````````End of Log``````````````````````

Share this post


Link to post
Share on other sites

# AdwCleaner v2.007 - Logfile created 11/11/2012 at 13:05:02

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Lynda - LYNDA-HP

# Boot Mode : Normal

# Running from : C:UsersLyndaDownloadsAdwCleaner (1).exe

# Option [Delete]

 

 

***** [services] *****

 

Stopped & Deleted : DefaultTabSearch

Stopped & Deleted : DefaultTabUpdate

 

***** [Files / Folders] *****

 

File Deleted : C:ProgramDataMicrosoftWindowsStart MenuProgramseBay.lnk

File Deleted : C:UsersPublicDesktopeBay.lnk

File Deleted : C:WindowsSysWOW64conduitEngine.tmp

Folder Deleted : C:Program Files (x86)Application Updater

Folder Deleted : C:Program Files (x86)Common Filesspigot

Folder Deleted : C:Program Files (x86)Conduit

Folder Deleted : C:Program Files (x86)ConduitEngine

Folder Deleted : C:Program Files (x86)DefaultTab

Folder Deleted : C:Program Files (x86)GamesBar

Folder Deleted : C:Program Files (x86)IObitCom

Folder Deleted : C:Program Files (x86)Productivity_2.1

Folder Deleted : C:Program Files (x86)Yontoo

Folder Deleted : C:ProgramDatablekko toolbars

Folder Deleted : C:ProgramDataGamesBar

Folder Deleted : C:ProgramDataMicrosoftWindowsStart MenuProgramsGamesBar

Folder Deleted : C:ProgramDataTarma Installer

Folder Deleted : C:ProgramDataWeCareReminder

Folder Deleted : C:UsersLyndaAppDataLocalConduit

Folder Deleted : C:UsersLyndaAppDataLocalGoogleChromeUser DataDefaultExtensionskdidombaedgpfiiedeimiebkmbilgmlc

Folder Deleted : C:UsersLyndaAppDataLocalGoogleChromeUser DataDefaultExtensionsniapdbllcanepiiimjjndipklodoedlc

Folder Deleted : C:UsersLyndaAppDataLocalLowConduit

Folder Deleted : C:UsersLyndaAppDataLocalLowConduitEngine

Folder Deleted : C:UsersLyndaAppDataLocalLowIObitCom

Folder Deleted : C:UsersLyndaAppDataLocalLowPriceGong

Folder Deleted : C:UsersLyndaAppDataLocalLowProductivity_2.1

Folder Deleted : C:UsersLyndaAppDataRoamingDefaultTab

 

***** [Registry] *****

 

Key Deleted : HKCUSoftwareAppDataLowSoftwareConduit

Key Deleted : HKCUSoftwareAppDataLowSoftwareconduitEngine

Key Deleted : HKCUSoftwareAppDataLowSoftwareDefaultTab

Key Deleted : HKCUSoftwareAppDataLowSoftwareIObitCom

Key Deleted : HKCUSoftwareAppDataLowSoftwarePriceGong

Key Deleted : HKCUSoftwareAppDataLowSoftwareProductivity_2.1

Key Deleted : HKCUSoftwareAppDataLowSoftwareSearch Settings

Key Deleted : HKCUSoftwareAppDataLowToolbar

Key Deleted : HKCUSoftwareConduit

Key Deleted : HKCUSoftwareDealRunner

Key Deleted : HKCUSoftwareDefault Tab

Key Deleted : HKCUSoftwareDefaultTab

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{6F282B65-56BF-4BD1-A8B2-A4449A05863D}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Deleted : HKCUSoftwarewecarereminder

Key Deleted : HKCUSoftwareZugo

Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLMSoftwareApplication Updater

Key Deleted : HKLMSOFTWAREClassesAppID{4FBBF769-ECEB-420A-B536-133B1D505C36}

Key Deleted : HKLMSOFTWAREClassesAppID{562B9316-C08A-444A-9482-62080DD851AE}

Key Deleted : HKLMSOFTWAREClassesAppID{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}

Key Deleted : HKLMSOFTWAREClassesAppID{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Deleted : HKLMSOFTWAREClassesAppIDIEHelperv2.5.0.DLL

Key Deleted : HKLMSOFTWAREClassesAppIDToolbar.DLL

Key Deleted : HKLMSOFTWAREClassesAppIDYontooIEClient.DLL

Key Deleted : HKLMSOFTWAREClassesConduit.Engine

Key Deleted : HKLMSOFTWAREClassesIEHelperv250.WeCareReminder

Key Deleted : HKLMSOFTWAREClassesToolbar.BandObject

Key Deleted : HKLMSOFTWAREClassesToolbar.BandObject.1

Key Deleted : HKLMSOFTWAREClassesToolbar.CT2384137

Key Deleted : HKLMSOFTWAREClassesToolbar.CT2903600

Key Deleted : HKLMSOFTWAREClassesToolbar.ToolbarHelperObject

Key Deleted : HKLMSOFTWAREClassesToolbar.ToolbarHelperObject.1

Key Deleted : HKLMSOFTWAREClassesTypeLib{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}

Key Deleted : HKLMSOFTWAREClassesTypeLib{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}

Key Deleted : HKLMSoftwareConduit

Key Deleted : HKLMSoftwareconduitEngine

Key Deleted : HKLMSoftwareDefault Tab

Key Deleted : HKLMSoftwareDefaultTab

Key Deleted : HKLMSoftwareFreeze.com

Key Deleted : HKLMSoftwareIObitCom

Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLMSoftwareProductivity_2.1

Key Deleted : HKLMSoftwareSearch Settings

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{0C36DAE6-46A0-4EB6-AF55-E66E14285791}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{17F772BA-A100-4F3D-8E73-47D1B5DA4B93}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{99066096-8989-4612-841F-621A01D54AD7}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesCLSID{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLMSOFTWAREWow6432NodeClassesInterface{F773BB94-6C19-4643-A570-0E429103D1C3}

Key Deleted : HKLMSOFTWAREWow6432NodeGoogleChromeExtensionskdidombaedgpfiiedeimiebkmbilgmlc

Key Deleted : HKLMSOFTWAREWow6432NodeGoogleChromeExtensionsniapdbllcanepiiimjjndipklodoedlc

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{8DAC9A43-5E44-423F-A6BF-40E31AA842AE}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{CB47A994-096F-485A-A735-586D2A1E8CAE}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{DC8680AA-35C2-4C67-BD6C-6117C0BF4393}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{E0F629A7-B31C-482B-8035-BA01E5BFFDAC}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{FE42BF92-8AA9-4719-9F59-E503F29FCC14}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{31C7D459-9CC3-44F2-9DCA-FC11795309B4}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C44F9E21-D93F-490C-B41C-B3548BDD19FC}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstall{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallConduit Engine

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallconduitEngine

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallDefaultTab

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallDefaultTab Chrome

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallIObitCom Toolbar

Key Deleted : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallProductivity_2.1 Toolbar

Key Deleted : HKLMSOFTWAREClassesInterface{1C888195-0160-4883-91B7-294C0CE2F277}

Key Deleted : HKLMSOFTWAREClassesInterface{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}

Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKLMSOFTWARETarma Installer

Key Deleted : HKU.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopes{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{31C7D459-9CC3-44F2-9DCA-FC11795309B4}]

Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Deleted : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{C44F9E21-D93F-490C-B41C-B3548BDD19FC}]

 

***** [internet Browsers] *****

 

- Internet Explorer v8.0.7601.17514

 

[OK] Registry is clean.

 

- Google Chrome v [unable to get version]

 

File : C:UsersLyndaAppDataLocalGoogleChromeUser DataDefaultPreferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [13646 octets] - [11/11/2012 06:59:50]

AdwCleaner[s1].txt - [12429 octets] - [11/11/2012 13:05:02]

 

########## EOF - C:AdwCleaner[s1].txt - [12490 octets] ##########

Share this post


Link to post
Share on other sites

Let's update Java, yours is outdated ....

 

Update Java:

  • Download the latest version of Java Runtime Environment (JRE) 7u9.

    http://www.oracle.com/technetwork/java/javase/downloads/index.html

  • Scroll over to the right (JRE)

  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Programs and Features programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u9-windows-i586-p.exe to install the newest version.
****Make sure to unckeck any tool bars or additional add-ons, if already checked!!

 

After doing the above, tell me how your computer is running now.

Share this post


Link to post
Share on other sites

i downloaded the latest java i removed the older version then tried to sign into ebay and i still had the old problem with the ads popping up and unable to sign into my account. the background on my desktop keeps changing pics every few minutes.

Share this post


Link to post
Share on other sites

Okay, download TFC by Old Timer http://www.geekstogo.com/forum/TFC-Temp-File-Cleaner-OldTimer-file187.html and save it to your desktop.

 

Save any unsaved work. TFC will close ALL open programs including your browser!

Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.

Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

 

Next, download http://www.ie7pro.com/ ... be very careful once again to uncheck and not include any bundled add-ons with this program!!

 

Once done, please download DDS from one of these links:

DDS.com

DDS.pif

  • Disable any script blocking protection
  • Double click the dds icon to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt <--- will be minimized in the task tray
  • Save both reports to your desktop.
Include the contents of both logs in your next post.

The scan will instruct you to post Attach.txt as an attachment.

No need for that though ..... just post it's contents as you would any other log.

Share this post


Link to post
Share on other sites

I am over at a friends house at this moment, I downloaded the TFC as you told me to do, the program stopped responding, I lost all of my desktop icons and the icons near the clock, I am unable to shut down my computer and I am left with a very huge background picture of a boardwalk. Should I manually reboot and try the downlad again? Thank you.

Share this post


Link to post
Share on other sites

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-07.01)

.

Microsoft Windows 7 Home Premium

Boot Device: DeviceHarddiskVolume1

Install Date: 1/15/2011 4:39:34 AM

System Uptime: 11/12/2012 1:05:05 AM (0 hours ago)

.

Motherboard: FOXCONN | | 2AB7

Processor: AMD Athlon II 170u Processor | CPU 1 | 2000/200mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 454 GiB total, 414.103 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.45 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: SBRE

Device ID: ROOTLEGACY_SBRE0000

Manufacturer:

Name: SBRE

PNP Device ID: ROOTLEGACY_SBRE0000

Service: SBRE

.

==== System Restore Points ===================

.

RP248: 10/16/2012 4:59:03 PM - Windows Update

RP249: 10/18/2012 6:10:34 PM - Installed Java 6 Update 37

RP250: 10/24/2012 8:20:37 PM - Windows Update

RP251: 10/30/2012 4:26:39 PM - Windows Update

RP252: 11/2/2012 6:15:19 PM - Windows Update

RP253: 11/5/2012 4:25:49 PM - HPSF Restore Point

RP254: 11/5/2012 5:52:25 PM - HPSF Restore Point

RP255: 11/6/2012 10:07:24 AM - Windows Update

RP256: 11/8/2012 2:37:55 PM - Removed IObit Toolbar v4.7.

RP257: 11/8/2012 4:08:17 PM - Restore Operation

RP258: 11/8/2012 4:18:00 PM - Windows Update

RP259: 11/11/2012 8:05:59 PM - Removed Java 6 Update 22

RP260: 11/11/2012 8:07:35 PM - Removed Java 6 Update 37

RP261: 11/11/2012 8:21:39 PM - Installed Java 7 Update 9

.

==== Installed Programs ======================

.

123 Free Solitaire 2009 v7.2

Ad-Aware Security Add-on

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.4)

Advanced SystemCare 4

ArcSoft Panorama Maker 5

ASPCA Tri Reminder by We-Care.com

ATI Catalyst Install Manager

Auslogics Registry Cleaner

avast! Free Antivirus

Babylon toolbar

Bejeweled 3

Bing Bar

Bing Rewards Client Installer

Blio

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Clip Art Collection

Compaq Setup Manager

Coupon Printer for Windows

CyberLink DVD Suite Deluxe

D3DX10

Express Burn

EZ Cards Creator

Farm Frenzy

FATE

File Uploader

Final Drive Nitro

GamesBar 2.0.1.73

Google Chrome

Google Update Helper

Heroes of Hellas 2 - Olympia

Hewlett-Packard ACLM.NET v1.1.2.0

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP Games

HP MovieStore

HP Odometer

HP Product Detection

HP Setup

HP Support Assistant

HP Support Information

HP Update

HP Vision Hardware Diagnostics

I SPY Mystery

I SPY Spooky Mansion

I SPY Treasure Hunt

IE7Pro

IObit Malware Fighter

IObit Toolbar v4.7

Java 7 Update 9

Java Auto Updater

Jewel Keepers: Easter Island

Jewel Quest Solitaire 2

Junk Mail filter update

Kobo

LabelPrint

LightScribe System Software

Malwarebytes Anti-Malware version 1.65.0.1400

McAfee Security Scan Plus

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Starter 2010 - English

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft WSE 3.0 Runtime

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mystery P.I. - The London Caper

Nikon Message Center

Nikon Transfer

OpenOffice.org 3.3

ParetoLogic Data Recovery

PC Optimizer Pro

PDF Complete Special Edition

Penguins!

PhotoNow!

PhotoPad Image Editor

Picture Control Utility

PictureMover

Pixillion Image Converter

Plants vs. Zombies

PlayReady PC Runtime amd64

PlayReady PC Runtime x86

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

PressReader

ProgSense

Protected Folder

QuickTime

Realtek High Definition Audio Driver

Recovery Manager

RoxioNow Player

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

ShopAtHome.com Toolbar

SLOW-PCfighter

Smile Desktop version 1.0.8.286

Strongvault Online Backup

SUPERAntiSpyware

Swiki version 1.0

Swiki_IE

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Installer for WildTangent Games App

ViewNX

Virtual Families

Virtual Villagers 4 - The Tree of Life

WildTangent Games

WildTangent Games App

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinMaximizer 1.2.86

Zinio Reader 4

Zuma Deluxe

.

==== Event Viewer Messages From Past Week ========

.

11/9/2012 1:10:33 AM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).

11/8/2012 4:19:35 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.139.1429.0).

11/8/2012 4:04:41 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.

11/8/2012 4:04:11 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

11/8/2012 4:04:09 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.

11/8/2012 3:35:48 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

11/8/2012 3:35:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/8/2012 3:35:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/8/2012 3:35:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

11/8/2012 3:35:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

11/8/2012 3:35:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/8/2012 3:35:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/8/2012 3:35:31 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL SBRE spldr tdx Wanarpv6 WfpLwf

11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/8/2012 3:35:31 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start.

11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/8/2012 3:35:30 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

11/8/2012 2:53:20 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243

11/8/2012 2:53:19 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147023781.

11/8/2012 2:53:19 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The data is invalid.

11/8/2012 2:53:19 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x8007045B.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT AuthorityNetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

11/8/2012 2:53:18 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Portable Device Enumerator Service service failed to start due to the following error: A system shutdown is in progress.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Human Interface Device Access service failed to start due to the following error: A system shutdown is in progress.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Diagnostic System Host service failed to start due to the following error: A system shutdown is in progress.

11/8/2012 2:53:18 PM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.

11/8/2012 2:53:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/8/2012 2:52:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

11/8/2012 2:52:14 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/8/2012 11:08:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

11/12/2012 1:07:01 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE

11/12/2012 1:05:45 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IMF Service service to connect.

11/12/2012 1:05:45 AM, Error: Service Control Manager [7000] - The IMF Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 7:59:42 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

11/11/2012 11:52:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the System Event Notification Service service to connect.

11/11/2012 11:52:45 PM, Error: Service Control Manager [7000] - The System Event Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:52:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Management Instrumentation service to connect.

11/11/2012 11:51:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Server service to connect.

11/11/2012 11:51:45 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:51:45 PM, Error: Service Control Manager [7000] - The Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:51:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Group Policy Client service to connect.

11/11/2012 11:51:15 PM, Error: Service Control Manager [7000] - The Group Policy Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:50:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IKE and AuthIP IPsec Keying Modules service to connect.

11/11/2012 11:50:45 PM, Error: Service Control Manager [7000] - The IKE and AuthIP IPsec Keying Modules service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:50:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Profile Service service to connect.

11/11/2012 11:50:15 PM, Error: Service Control Manager [7000] - The User Profile Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:49:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Task Scheduler service to connect.

11/11/2012 11:49:45 PM, Error: Service Control Manager [7000] - The Task Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:49:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Shell Hardware Detection service to connect.

11/11/2012 11:48:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Themes service to connect.

11/11/2012 11:48:45 PM, Error: Service Control Manager [7000] - The Themes service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:48:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Update service to connect.

11/11/2012 11:48:15 PM, Error: Service Control Manager [7000] - The Windows Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:47:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Application Experience service to connect.

11/11/2012 11:47:45 PM, Error: Service Control Manager [7000] - The Application Experience service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:47:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Background Intelligent Transfer Service service to connect.

11/11/2012 11:47:15 PM, Error: Service Control Manager [7000] - The Background Intelligent Transfer Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:45:15 PM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

11/11/2012 11:03:16 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

11/11/2012 11:00:34 PM, Error: Service Control Manager [7022] - The Windows Defender service hung on starting.

11/11/2012 10:57:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

11/11/2012 10:57:58 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/11/2012 10:57:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Support Assistant Service service to connect.

11/11/2012 10:57:27 PM, Error: Service Control Manager [7000] - The HP Support Assistant Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================DDS (Ver_2012-11-07.01) - NTFS_AMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2

Run by Lynda at 1:33:17 on 2012-11-12

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1791.629 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

.

============== Running Processes ===============

.

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32svchost.exe -k RPCSS

C:Windowssystem32atiesrxx.exe

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32svchost.exe -k NetworkService

C:Program FilesAlwil SoftwareAvast5AvastSvc.exe

C:Windowssystem32atieclxx.exe

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:WindowsSystem32spoolsv.exe

C:Windowssystem32taskhost.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Program FilesSUPERAntiSpywareSASCORE64.EXE

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe

C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe

C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe

C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe

C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe

C:Windowssystem32taskeng.exe

C:Program Files (x86)IObitAdvanced SystemCare 4PMonitor.exe

C:Program Files (x86)OpenOffice.org 3programsoffice.exe

C:Program Files (x86)WebshotsSmile DesktopSmile.exe

C:Program Files (x86)OpenOffice.org 3programsoffice.bin

C:Program Files (x86)HpHP Software Updatehpwuschd2.exe

C:Program FilesAlwil SoftwareAvast5AvastUI.exe

C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe

C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe

C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinArcCon.ac

C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe

c:Program Files (x86)Common FilesLightScribeLSSrvc.exe

C:Program Files (x86)PDF Completepdfsvc.exe

C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe

C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe

C:Windowssystem32svchost.exe -k imgsvc

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE

c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe

C:Windowssystem32SearchIndexer.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Program FilesWindows Media Playerwmpnetwk.exe

C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe

C:WindowsSystem32svchost.exe -k LocalServicePeerNet

C:Program FilesInternet Exploreriexplore.exe

C:Windowssystem32MacromedFlashFlashUtil64_11_5_502_110_ActiveX.exe

C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe

C:WindowsSystem32svchost.exe -k secsvcs

C:Program FilesInternet Exploreriexplore.exe

C:Windowssystem32msiexec.exe

C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe

C:Program Files (x86)ProgSenseProgSense.exe

C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.exe

C:Program Files (x86)Strongvault Online BackupSMessenger.exe

C:Program FilesInternet Exploreriexplore.exe

C:Windowssystem32taskhost.exe

C:Windowssystem32taskeng.exe

C:Windowssystem32wbemwmiprvse.exe

C:WindowsSystem32cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.babylon.com/?affID=112670&tt=4612_1&babsrc=HP_sst&mntrId=3062618800000000000064315025b168

uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

dURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

mWinlogon: Userinit = userinit.exe,

BHO: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProIEPro.dll

BHO: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8bhBabylonToolbar.dll

BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: Swiki_IE: {A2B6C1C5-ACDE-415E-A965-9FCB42E95952} - C:Program Files (x86)Swiki_IEScriptHost.dll

BHO: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} -

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.391.0BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll

TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll

TB: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll

TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll

TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8BabylonToolbarTlbr.dll

uRun: [searchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe

uRun: [Advanced SystemCare 4] C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe

uRun: [sUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

uRun: [Messenger] "C:Program Files (x86)Strongvault Online BackupSMessenger.exe"

mRun: [startCCC] "c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun

mRun: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe

mRun: [PDF Complete] C:Program Files (x86)PDF Completepdfsty.exe

mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"

mRun: [avast] "C:Program FilesAlwil SoftwareAvast5avastUI.exe" /nogui

mRun: [Ad-Aware Browsing Protection] "C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe"

mRun: [ArcSoft Connection Service] C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe

mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

mRun: [sMessaging] C:UsersLyndaAppDataLocalStrongvault Online BackupSMessaging.exe

StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupOPENOF~1.LNK - C:Program Files (x86)OpenOffice.org 3programquickstart.exe

StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupPROGSE~1.LNK - C:Program Files (x86)ProgSenseprogsense.exe

StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupSMILED~1.LNK - C:Program Files (x86)WebshotsSmile DesktopSmile.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupMCAFEE~1.LNK - C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSNAPFI~1.LNK - C:Program Files (x86)PictureMoverBinPictureMover.exe

StartupFolder: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupStrongVaultApp.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSTRONG~1.LNK - C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - C:Program Files (x86)IEProIEPro.dll

IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - C:Program Files (x86)IEProIEPro.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces{3FF978B7-1DFD-4F78-B3F3-1EAA07EEA91E} : DHCPNameServer = 75.75.75.75 75.75.76.76

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll

x64-Run: [hpsysdrv] c:program files (x86)hewlett-packardHP odometerhpsysdrv.exe

x64-Run: [PC Optimizer Pro] "C:Program FilesPC Optimizer ProStartApps.exe" "C:Program FilesPC Optimizer ProPCOptimizerPro.exe -w31"

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:WindowsSystem32driversamd_sata.sys [2010-10-26 75904]

R0 amd_xata;amd_xata;C:WindowsSystem32driversamd_xata.sys [2010-10-26 38016]

R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2011-6-5 984144]

R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2011-1-15 370288]

R1 SASDIFSV;SASDIFSV;C:Program FilesSUPERAntiSpywaresasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:Program FilesSUPERAntiSpywaresaskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:Program FilesSUPERAntiSpywareSASCore64.exe [2012-7-11 140672]

R2 AdvancedSystemCareService;Advanced SystemCare Service;C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe [2011-7-24 353168]

R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2010-10-26 203264]

R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2011-1-15 25232]

R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2011-1-15 71600]

R2 avast! Antivirus;avast! Antivirus;C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2012-11-9 44808]

R2 cvhsvc;Client Virtualization Handler;C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE [2012-1-4 822624]

R2 HP Support Assistant Service;HP Support Assistant Service;C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe [2011-9-9 86072]

R2 HPClientSvc;HP Client Services;C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe [2010-8-5 291896]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe [2011-3-28 94264]

R2 pdfcDispatcher;PDF Document Manager;C:Program Files (x86)PDF Completepdfsvc.exe [2010-10-26 1119768]

R2 PfFilter;PfFilter;C:Program Files (x86)IObitProtected Folderpffilter.sys [2011-7-24 36792]

R2 RoxioNow Service;RoxioNow Service;C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe [2010-9-11 399344]

R2 sftlist;Application Virtualization Client;C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe [2011-10-1 508776]

R3 BBUpdate;BBUpdate;C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.EXE [2012-6-11 240208]

R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2010-10-26 349800]

R3 Sftfs;Sftfs;C:WindowsSystem32driversSftfslh.sys [2011-10-1 764264]

R3 Sftplay;Sftplay;C:WindowsSystem32driversSftplaylh.sys [2011-10-1 268648]

R3 Sftredir;Sftredir;C:WindowsSystem32driversSftredirlh.sys [2011-10-1 25960]

R3 Sftvol;Sftvol;C:WindowsSystem32driversSftvollh.sys [2011-10-1 22376]

R3 sftvsa;Application Virtualization Service Agent;C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe [2011-10-1 219496]

R3 usbfilter;AMD USB Filter Driver;C:WindowsSystem32driversusbfilter.sys [2010-10-26 38456]

S2 BBSvc;BingBar Service;C:Program Files (x86)MicrosoftBingBar7.1.391.0BBSvc.EXE [2012-6-11 193616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]

S2 IMFservice;IMF Service;C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe [2011-7-24 820568]

S3 FileMonitor;FileMonitor;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64FileMonitor.sys [2011-10-14 20336]

S3 GamesAppService;GamesAppService; [x]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:Program Files (x86)McAfee Security Scan2.1.121McCHSvc.exe [2010-9-3 227232]

S3 RegFilter;RegFilter;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64RegFilter.sys [2011-10-14 33184]

S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2011-7-7 59392]

S3 UrlFilter;UrlFilter;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64UrlFilter.sys [2011-10-14 21872]

S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2011-1-16 1255736]

.

=============== Created Last 30 ================

.

2012-11-12 06:23:36 -------- d-----w- C:Program Files (x86)BabylonToolbar

2012-11-12 06:23:09 -------- d-----w- C:UsersLyndaAppDataRoamingBabylon

2012-11-12 06:23:09 -------- d-----w- C:ProgramDataBabylon

2012-11-12 06:14:55 -------- d-----w- C:UsersLyndaAppDataRoamingProgSense

2012-11-12 06:14:47 -------- d-----w- C:UsersLyndaAppDataRoamingStrongvault

2012-11-12 06:14:47 -------- d-----w- C:Program Files (x86)ProgSense

2012-11-12 06:14:23 -------- d-----w- C:UsersLyndaAppDataRoamingGrabPro

2012-11-12 06:14:23 -------- d-----w- C:downloads

2012-11-12 06:14:19 -------- d-----w- C:Program Files (x86)Common FilesMSSoap

2012-11-12 06:14:18 -------- d-----w- C:Program Files (x86)IEPro

2012-11-12 06:14:12 -------- d-----w- C:UsersLyndaAppDataLocalStrongvault Online Backup

2012-11-12 06:14:06 -------- d-----w- C:UsersLyndaAppDataLocalStronghold_LLC

2012-11-12 06:13:56 -------- d-sh--w- C:WindowsSysWow64AI_RecycleBin

2012-11-12 06:13:46 -------- d-----w- C:UsersLyndaAppDataLocalStrongVault

2012-11-12 06:13:46 -------- d-----w- C:ProgramDataStrongvault Online Backup

2012-11-12 06:13:46 -------- d-----w- C:Program Files (x86)Strongvault Online Backup

2012-11-12 03:24:50 69000 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{762C3544-18F0-46D2-9150-E9EFF9B67994}offreg.dll

2012-11-12 01:22:33 95208 ----a-w- C:WindowsSysWow64WindowsAccessBridge-32.dll

2012-11-11 11:52:15 -------- d-----w- C:ProgramDataSUPERSetup

2012-11-09 20:45:12 -------- d-----w- C:UsersLyndaAppDataLocalCrashRpt

2012-11-09 20:44:49 -------- d-----w- C:Program Files (x86)Webshots

2012-11-09 20:09:27 9291768 ----a-w- C:ProgramDataMicrosoftWindows DefenderDefinition Updates{762C3544-18F0-46D2-9150-E9EFF9B67994}mpengine.dll

2012-11-09 04:24:55 697272 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe

2012-11-08 13:47:33 -------- d-----w- C:UsersLyndaAppDataRoamingPC Cleaners

2012-11-08 13:47:07 -------- d-----w- C:UsersLyndaAppDataRoamingPCPro

2012-11-08 13:47:07 -------- d-----w- C:ProgramDataPC1Data

2012-11-08 04:57:39 -------- d-----w- C:UsersLyndaAppDataLocalDeployment

2012-11-08 04:57:39 -------- d-----w- C:UsersLyndaAppDataLocalApps

2012-11-06 05:28:15 -------- d-----w- C:ProgramDataSpybot - Search & Destroy

2012-11-06 05:27:37 -------- d-----w- C:Program Files (x86)Spybot - Search & Destroy 2

2012-11-05 15:14:04 -------- d-----w- C:UsersLyndaAppDataRoamingNCH Software

2012-11-05 06:09:40 -------- d-----w- C:ProgramDataSUPERAntiSpyware.com

2012-11-05 06:09:40 -------- d-----w- C:Program FilesSUPERAntiSpyware

2012-11-02 04:34:12 -------- d-----w- C:UsersLyndaAppDataRoamingSUPERAntiSpyware.com

2012-10-23 05:13:59 -------- d-----w- C:Program Files (x86)EZ Cards Creator

2012-10-23 05:06:13 -------- d-----w- C:Program Files (x86)SaveValet

2012-10-23 05:06:12 -------- d-----w- C:Program Files (x86)Swiki_IE

2012-10-23 05:06:02 -------- d-----w- C:Program FilesPC Optimizer Pro

2012-10-23 05:05:50 -------- d-----w- C:WindowsSChecker

2012-10-23 05:05:49 -------- d-----w- C:Program Files (x86)SwikiIE

2012-10-23 05:05:49 -------- d-----w- C:Program Files (x86)Swiki

2012-10-22 15:17:44 -------- d-----w- C:UsersLyndaAppDataLocalApple Computer

2012-10-20 04:17:53 8795216 ----a-w- C:ProgramDataMicrosoftBingBarBBSvc7.1.391.0oemBingBarSetup-Partner.EXE

.

==================== Find3M ====================

.

2012-11-12 01:22:16 821736 ----a-w- C:WindowsSysWow64npdeployJava1.dll

2012-11-12 01:22:16 746984 ----a-w- C:WindowsSysWow64deployJava1.dll

2012-11-09 04:24:55 73656 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl

2012-10-30 23:51:55 984144 ----a-w- C:WindowsSystem32driversaswSnx.sys

2012-10-30 23:51:55 71600 ----a-w- C:WindowsSystem32driversaswMonFlt.sys

2012-10-30 23:51:07 41224 ----a-w- C:WindowsavastSS.scr

2012-10-15 16:59:28 54072 ----a-w- C:WindowsSystem32driversaswRdr2.sys

2012-09-14 19:19:29 2048 ----a-w- C:WindowsSystem32tzres.dll

2012-09-14 18:28:53 2048 ----a-w- C:WindowsSysWow64tzres.dll

2012-09-07 21:04:46 25928 ----a-w- C:WindowsSystem32driversmbam.sys

2012-08-31 18:19:35 1659760 ----a-w- C:WindowsSystem32driversntfs.sys

2012-08-30 18:03:45 5559664 ----a-w- C:WindowsSystem32ntoskrnl.exe

2012-08-30 17:12:02 3968880 ----a-w- C:WindowsSysWow64ntkrnlpa.exe

2012-08-30 17:12:02 3914096 ----a-w- C:WindowsSysWow64ntoskrnl.exe

2012-08-24 18:05:07 220160 ----a-w- C:WindowsSystem32wintrust.dll

2012-08-24 18:05:06 1188864 ----a-w- C:WindowsSystem32wininet.dll

2012-08-24 16:57:48 981504 ----a-w- C:WindowsSysWow64wininet.dll

2012-08-24 16:57:48 172544 ----a-w- C:WindowsSysWow64wintrust.dll

2012-08-24 15:59:30 1638912 ----a-w- C:WindowsSystem32mshtml.tlb

2012-08-24 15:20:39 1638912 ----a-w- C:WindowsSysWow64mshtml.tlb

2012-08-22 18:12:50 1913200 ----a-w- C:WindowsSystem32driverstcpip.sys

2012-08-22 18:12:40 950128 ----a-w- C:WindowsSystem32driversndis.sys

2012-08-22 18:12:40 376688 ----a-w- C:WindowsSystem32driversnetio.sys

2012-08-22 18:12:33 288624 ----a-w- C:WindowsSystem32driversFWPKCLNT.SYS

2012-08-21 21:01:00 245760 ----a-w- C:WindowsSystem32OxpsConverter.exe

2012-08-20 18:48:44 362496 ----a-w- C:WindowsSystem32wow64win.dll

2012-08-20 18:48:44 243200 ----a-w- C:WindowsSystem32wow64.dll

2012-08-20 18:48:44 13312 ----a-w- C:WindowsSystem32wow64cpu.dll

2012-08-20 18:48:43 215040 ----a-w- C:WindowsSystem32winsrv.dll

2012-08-20 18:48:37 16384 ----a-w- C:WindowsSystem32ntvdm64.dll

2012-08-20 18:48:35 424448 ----a-w- C:WindowsSystem32KernelBase.dll

2012-08-20 18:46:22 338432 ----a-w- C:WindowsSystem32conhost.exe

2012-08-20 17:40:21 14336 ----a-w- C:WindowsSysWow64ntvdm64.dll

2012-08-20 17:38:44 44032 ----a-w- C:Windowsapppatchacwow64.dll

2012-08-20 17:38:26 25600 ----a-w- C:WindowsSysWow64setup16.exe

2012-08-20 17:37:19 5120 ----a-w- C:WindowsSysWow64wow32.dll

2012-08-20 17:37:18 274944 ----a-w- C:WindowsSysWow64KernelBase.dll

2012-08-20 15:38:21 7680 ----a-w- C:WindowsSysWow64instnm.exe

2012-08-20 15:38:20 2048 ----a-w- C:WindowsSysWow64user.exe

2012-08-20 15:33:28 6144 ---ha-w- C:WindowsSysWow64api-ms-win-security-base-l1-1-0.dll

2012-08-20 15:33:28 4608 ---ha-w- C:WindowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 15:33:28 3584 ---ha-w- C:WindowsSysWow64api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 15:33:28 3072 ---ha-w- C:WindowsSysWow64api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 1:34:43.59 ===============

DDS (Ver_2012-11-07.01) - NTFS_AMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.9.2

Run by Lynda at 1:33:17 on 2012-11-12

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1791.629 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

.

============== Running Processes ===============

.

C:Windowssystem32lsm.exe

C:Windowssystem32svchost.exe -k DcomLaunch

C:Windowssystem32svchost.exe -k RPCSS

C:Windowssystem32atiesrxx.exe

C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:Windowssystem32svchost.exe -k netsvcs

C:Windowssystem32svchost.exe -k LocalService

C:Windowssystem32svchost.exe -k NetworkService

C:Program FilesAlwil SoftwareAvast5AvastSvc.exe

C:Windowssystem32atieclxx.exe

C:Windowssystem32Dwm.exe

C:WindowsExplorer.EXE

C:WindowsSystem32spoolsv.exe

C:Windowssystem32taskhost.exe

C:Windowssystem32svchost.exe -k LocalServiceNoNetwork

C:Program FilesSUPERAntiSpywareSASCORE64.EXE

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe

C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe

C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe

C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe

C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe

C:Windowssystem32taskeng.exe

C:Program Files (x86)IObitAdvanced SystemCare 4PMonitor.exe

C:Program Files (x86)OpenOffice.org 3programsoffice.exe

C:Program Files (x86)WebshotsSmile DesktopSmile.exe

C:Program Files (x86)OpenOffice.org 3programsoffice.bin

C:Program Files (x86)HpHP Software Updatehpwuschd2.exe

C:Program FilesAlwil SoftwareAvast5AvastUI.exe

C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe

C:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe

C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinArcCon.ac

C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe

c:Program Files (x86)Common FilesLightScribeLSSrvc.exe

C:Program Files (x86)PDF Completepdfsvc.exe

C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe

C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe

C:Windowssystem32svchost.exe -k imgsvc

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE

C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe

C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe

C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE

c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe

C:Windowssystem32SearchIndexer.exe

C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted

C:Program FilesWindows Media Playerwmpnetwk.exe

C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe

C:WindowsSystem32svchost.exe -k LocalServicePeerNet

C:Program FilesInternet Exploreriexplore.exe

C:Windowssystem32MacromedFlashFlashUtil64_11_5_502_110_ActiveX.exe

C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe

C:WindowsSystem32svchost.exe -k secsvcs

C:Program FilesInternet Exploreriexplore.exe

C:Windowssystem32msiexec.exe

C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe

C:Program Files (x86)ProgSenseProgSense.exe

C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.exe

C:Program Files (x86)Strongvault Online BackupSMessenger.exe

C:Program FilesInternet Exploreriexplore.exe

C:Windowssystem32taskhost.exe

C:Windowssystem32taskeng.exe

C:Windowssystem32wbemwmiprvse.exe

C:WindowsSystem32cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.babylon.com/?affID=112670&tt=4612_1&babsrc=HP_sst&mntrId=3062618800000000000064315025b168

uURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

dURLSearchHooks: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

mWinlogon: Userinit = userinit.exe,

BHO: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProIEPro.dll

BHO: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8bhBabylonToolbar.dll

BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} -

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: Swiki_IE: {A2B6C1C5-ACDE-415E-A965-9FCB42E95952} - C:Program Files (x86)Swiki_IEScriptHost.dll

BHO: GamesBarBHO Class: {CB0D163C-E9F4-4236-9496-0597E24B23A5} -

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:Program Files (x86)MicrosoftBingBar7.1.391.0BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll

TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll

TB: IObit Toolbar: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:Program Files (x86)IObit ToolbarIE4.7iobitToolbarIE.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll

TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll

TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:Program Files (x86)BabylonToolbarBabylonToolbar1.8.3.8BabylonToolbarTlbr.dll

uRun: [searchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe

uRun: [Advanced SystemCare 4] C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe

uRun: [sUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

uRun: [Messenger] "C:Program Files (x86)Strongvault Online BackupSMessenger.exe"

mRun: [startCCC] "c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun

mRun: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe

mRun: [PDF Complete] C:Program Files (x86)PDF Completepdfsty.exe

mRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"

mRun: [avast] "C:Program FilesAlwil SoftwareAvast5avastUI.exe" /nogui

mRun: [Ad-Aware Browsing Protection] "C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe"

mRun: [ArcSoft Connection Service] C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe

mRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

mRun: [sMessaging] C:UsersLyndaAppDataLocalStrongvault Online BackupSMessaging.exe

StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupOPENOF~1.LNK - C:Program Files (x86)OpenOffice.org 3programquickstart.exe

StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupPROGSE~1.LNK - C:Program Files (x86)ProgSenseprogsense.exe

StartupFolder: C:UsersLyndaAppDataRoamingMICROS~1WindowsSTARTM~1ProgramsStartupSMILED~1.LNK - C:Program Files (x86)WebshotsSmile DesktopSmile.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupMCAFEE~1.LNK - C:Program Files (x86)McAfee Security Scan2.1.121SSScheduler.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSNAPFI~1.LNK - C:Program Files (x86)PictureMoverBinPictureMover.exe

StartupFolder: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupStrongVaultApp.exe

StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSTRONG~1.LNK - C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - C:Program Files (x86)IEProIEPro.dll

IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - C:Program Files (x86)IEProIEPro.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces{3FF978B7-1DFD-4F78-B3F3-1EAA07EEA91E} : DHCPNameServer = 75.75.75.75 75.75.76.76

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE64.dll

x64-Run: [hpsysdrv] c:program files (x86)hewlett-packardHP odometerhpsysdrv.exe

x64-Run: [PC Optimizer Pro] "C:Program FilesPC Optimizer ProStartApps.exe" "C:Program FilesPC Optimizer ProPCOptimizerPro.exe -w31"

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:WindowsSystem32driversamd_sata.sys [2010-10-26 75904]

R0 amd_xata;amd_xata;C:WindowsSystem32driversamd_xata.sys [2010-10-26 38016]

R1 aswSnx;aswSnx;C:WindowsSystem32driversaswSnx.sys [2011-6-5 984144]

R1 aswSP;aswSP;C:WindowsSystem32driversaswSP.sys [2011-1-15 370288]

R1 SASDIFSV;SASDIFSV;C:Program FilesSUPERAntiSpywaresasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:Program FilesSUPERAntiSpywaresaskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:Program FilesSUPERAntiSpywareSASCore64.exe [2012-7-11 140672]

R2 AdvancedSystemCareService;Advanced SystemCare Service;C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe [2011-7-24 353168]

R2 AMD External Events Utility;AMD External Events Utility;C:WindowsSystem32atiesrxx.exe [2010-10-26 203264]

R2 aswFsBlk;aswFsBlk;C:WindowsSystem32driversaswFsBlk.sys [2011-1-15 25232]

R2 aswMonFlt;aswMonFlt;C:WindowsSystem32driversaswMonFlt.sys [2011-1-15 71600]

R2 avast! Antivirus;avast! Antivirus;C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [2012-11-9 44808]

R2 cvhsvc;Client Virtualization Handler;C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE [2012-1-4 822624]

R2 HP Support

Share this post


Link to post
Share on other sites

I am over at a friends house at this moment, I downloaded the TFC as you told me to do, the program stopped responding, I lost all of my desktop icons and the icons near the clock, I am unable to shut down my computer and I am left with a very huge background picture of a boardwalk. Should I manually reboot and try the downlad again? Thank you.

 

You will see in my instructions using TFC, that everything on your desktop will disappear!

TFC will close ALL open programs including your browser!

You will also need to let it run. At times, you may be thinking that it's stopped working ... be patient. When it's done, it will show you a message. You can reboot then.

Share this post


Link to post
Share on other sites

You have several programs and browser tool bars that are no good! Please click on Control Panel, then Programs and Features....

 

Uninstall ALL of these unwanted items:

Babylon toolbar

Bing Bar

Bing Rewards Client Installer

GamesBar 2.0.1.73

IObit Malware Fighter

IObit Toolbar v4.7

PC Optimizer Pro

ShopAtHome.com Toolbar

 

Let me know if you're still being redirected.

Share this post


Link to post
Share on other sites

I couldn't find bing rewards or shop at home to remove them. Iobit malwarefighter had a file missing so thst didn't get removed. I tried going into ebay and behold i did not have the previous problem. I was able to sign in and navagate the site correctly. Does this mean I'm good to go and the problem is solved? Also, should I have 2 anti-virus programs running at the same time? If not, which should I keep? McAffee or Avast? Thank you so much.

Share this post


Link to post
Share on other sites

No, you don't want two Anti-virus programs running at the same time! Please read this article on 'how' to uninstall McAfee:

http://www.myfixes.com/articles/mcrem

 

After you've done that, please download HiJackThis! from http://www.filehippo...oad_hijackthis/ to your Downloads folder. Right click on it and choose to run as Administrator. Next click 'Do a System Scan and Save logfile'.

The HJT log will open in notepad.

 

Copy and paste the contents of the HJT log in your next reply.

Share this post


Link to post
Share on other sites
i tried going into tinyurl.com to manually remove mcafee but could not get into that site. Message was sorry this page cannot be displayed.I then tried to go into my mail and yahoo had me sign in again and put all these security codes. Is this now comprimised?

Share this post


Link to post
Share on other sites

You're still being redirected ... tinyurl.com is not the address I linked you to!

 

Did you, by chance, do a system restore when you thought TFC borked your computer?

 

You need to follow my specific instructions, or I can't help you or what your computer does. Do you follow me on this?

Share this post


Link to post
Share on other sites

ogfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:03:54 PM, on 11/12/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe

C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe

C:Program Files (x86)Strongvault Online BackupSMessenger.exe

C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupStrongVaultApp.exe

C:UsersLyndaAppDataLocalStrongVaultStrongVaultApp.exe

C:Program Files (x86)OpenOffice.org 3programsoffice.exe

C:Program Files (x86)ProgSenseprogsense.exe

C:Program Files (x86)OpenOffice.org 3programsoffice.bin

C:Program Files (x86)HpHP Software Updatehpwuschd2.exe

C:Program FilesAlwil SoftwareAvast5AvastUI.exe

C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe

C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

C:Program Files (x86)Common FilesArcSoftConnection ServiceBinArcCon.ac

C:Program Files (x86)Trend MicroHiJackThisHiJackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/CQDSK/1

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com/?ilc=31

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/CQDSK/1

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://g.msn.com/CQDSK/1

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

R3 - URLSearchHook: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program Files (x86)IEProiepro.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre7binssv.dll

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:UsersLyndaAppDataRoamingDefaultTabDefaultTabDefaultTabBHO.dll (file missing)

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Swiki_IE - {A2B6C1C5-ACDE-415E-A965-9FCB42E95952} - C:Program Files (x86)Swiki_IEScriptHost.dll

O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:Program Files (x86)GamesBar2.0.1.73oberontb.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre7binjp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:Program FilesAlwil SoftwareAvast5aswWebRepIE.dll

O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:Program Files (x86)adawaretbadawareDx.dll

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:Program Files (x86)IEProIEProRecorder.dll

O4 - HKLM..Run: [startCCC] "c:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun

O4 - HKLM..Run: [HP Software Update] c:Program Files (x86)HPHP Software UpdateHPWuSchd2.exe

O4 - HKLM..Run: [PDF Complete] C:Program Files (x86)PDF Completepdfsty.exe

O4 - HKLM..Run: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"

O4 - HKLM..Run: [avast] "C:Program FilesAlwil SoftwareAvast5avastUI.exe" /nogui

O4 - HKLM..Run: [Ad-Aware Browsing Protection] "C:ProgramDataAd-Aware Browsing Protectionadawarebp.exe"

O4 - HKLM..Run: [ArcSoft Connection Service] C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe

O4 - HKLM..Run: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime

O4 - HKLM..Run: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

O4 - HKLM..Run: [sMessaging] C:UsersLyndaAppDataLocalStrongvault Online BackupSMessaging.exe

O4 - HKCU..Run: [searchEngineProtection] C:Program Files (x86)GamesbarSearchEngineProtection.exe

O4 - HKCU..Run: [Advanced SystemCare 4] C:Program Files (x86)IObitAdvanced SystemCare 4ASCTray.exe

O4 - HKCU..Run: [sUPERAntiSpyware] C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

O4 - HKCU..Run: [Messenger] "C:Program Files (x86)Strongvault Online BackupSMessenger.exe"

O4 - Startup: OpenOffice.org 3.3.lnk = C:Program Files (x86)OpenOffice.org 3programquickstart.exe

O4 - Startup: ProgSense.lnk = C:Program Files (x86)ProgSenseprogsense.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:Program Files (x86)PictureMoverBinPictureMover.exe

O4 - Global Startup: StrongVaultApp.exe

O4 - Global Startup: StrongVaultApp.exe.lnk = LyndaAppDataLocalStrongVaultStrongVaultApp.exe

O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program Files (x86)IEProiepro.dll

O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program Files (x86)IEProiepro.dll

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program Files (x86)IEProiepro.dll

O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program Files (x86)IEProiepro.dll

O9 - Extra button: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:Program Files (x86)Windows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll

O10 - Unknown file in Winsock LSP: c:program files (x86)common filesmicrosoft sharedwindows livewlidnsp.dll

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:Program FilesSUPERAntiSpywareSASCORE64.EXE

O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:Program Files (x86)IObitAdvanced SystemCare 4ASCService.exe

O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:Windowssystem32atiesrxx.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:Program FilesAlwil SoftwareAvast5AvastSvc.exe

O23 - Service: @%SystemRoot%system32efssvc.dll,-100 (EFS) - Unknown owner - C:WindowsSystem32lsass.exe (file missing)

O23 - Service: @%systemroot%system32fxsresm.dll,-118 (Fax) - Unknown owner - C:Windowssystem32fxssvc.exe (file missing)

O23 - Service: GamesAppService - Unknown owner - (no file)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:Program Files (x86)Hewlett-PackardSharedHPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: IMF Service (IMFservice) - Unknown owner - C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program Files (x86)Common FilesLightScribeLSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:Program Files (x86)PDF Completepdfsvc.exe

O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: RoxioNow Service - Roxio - C:Program Files (x86)RoxioRoxioNow PlayerRNowSvc.exe

O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)

O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%system32sppsvc.exe,-101 (sppsvc) - Unknown owner - C:Windowssystem32sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%system32vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)

O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)

O23 - Service: @%SystemRoot%system32WatWatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:Windowssystem32WatWatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%system32wbengine.exe,-104 (wbengine) - Unknown owner - C:Windowssystem32wbengine.exe (file missing)

O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

--

End of file - 12527 bytes

 

This is the log from Hijack. Tinyurl was in the instructions to get rid of McAfee in my fixes. I am really trying to do exactly what you are telling me to do. I'm sorry I am upsetting you. I don't want to do that as I appreciate all of your time and help.

Share this post


Link to post
Share on other sites

No! Please don't do a system restore :)

 

Please follow these instructions exactly!!

 

Download Combofix from any of the links below, and save it to your desktop.<--Important

Link 1

Link 2

Link 3

 

Click on this link Here to see a list of programs that should be disabled.

The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

If your anti-virus or firewall complains, please allow this script to run as it is not malicious.

Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.

Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.

This includes Antivirus, Firewall, and any Spyware scanners that run in the background.

  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you.
Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Please be patient while the scan runs, at times it may appear to stall.

When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.

Post this log in your next reply

After rebooting ensure your Security applications have been re-enabled.

 

In your next reply post:

ComboFix.txt

***A guide and tutorial on "How to use Combofix" can be found here:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

IF CF won't run:

During the download, rename Combofix.exe to sVchost.exe

Share this post


Link to post
Share on other sites
i apoligize i am having problems understanding things. i disabled avast, but don't know if my computer has any onboard security programs as i do not know how to locate them. i am going to disconnect my computer from the dsl modem and i am going to run the combo fix and i will post the log as soon as i can. i apoligize again and i really appreciate your help. thank you. lynda Edited by mizsam

Share this post


Link to post
Share on other sites

I unpluged the computer from the internet and disabled super anti spyware, malware anti malware and adware security addon and avast. I couldn't find a firewall in this system so that has not been disabled. should i go ahead and start running combofix.exe?

Share this post


Link to post
Share on other sites
i've been running Combofix since 6:30 am and it is still running. Since 4:00 PM its been on completed stage_48. the cursor is still blinking. Shoud this be taking this long to run? Should i let it continue? many thanks again.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

Click here to Read Amazon Reviews!



×