
HJT log- major problems...

Discussion in 'Virus & Other Malware Removal' started by lisaa7002, Jul 27, 2012.

    lisaa7002 Thread Starter

    I have had several small problems with my computer, WMP not playing DVDs (plays CDs fine) being the most noticeable one. I have had the problem for a while, but didn't think about it much. Yesterday I went to the Device Manager to see if there was a driver update, and my Device Manager comes up blank. I looked for solutions and decided to run Microsoft Security Essentials, only to find it isn't updating. I tried a restore, and now I'm having problems with other programs. Had to reinstall Chrome. Ran HJT and it is a MESS. The big thing is I don't know how long this has been going on because everything appears to be working fine except DVD playback on WMP. Help - please and thank you!
    Just did a PC Pitstop OverDrive scan & it's not finding any hardware installed either, but still everything seems to be working...

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:54:58 PM, on 7/27/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
    C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    C:\Program Files (x86)\Ralink\Common\RaUI.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\Downloads\HiJackThis (1).exe
    C:\Program Files (x86)\File Type Assistant\tsassist.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll (file missing)
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
    O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    O4 - HKLM\..\Run: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKLM\..\RunOnce: [SpybotDeletingA6811] command.com /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    O4 - HKLM\..\RunOnce: [SpybotDeletingC2572] cmd.exe /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    O4 - HKCU\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    O4 - HKCU\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\RunOnce: [SpybotDeletingB5052] command.com /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    O4 - HKCU\..\RunOnce: [SpybotDeletingD9974] cmd.exe /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
    O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
    O4 - HKUS\S-1-5-18\..\Run: [20090604] C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.exe /r "C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.rpd" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [20090604] C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.exe /r "C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.rpd" (User 'Default user')
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    O16 - DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} (CUpdateAdvisorCtrl Object) - http://www.cyberlink.com/prog/win7/js/UpdateAdvisor.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/heavyweapon/sis/popcaploader_v10.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    O23 - Service: RaMediaServer - Unknown owner - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: GFI VIPRE Antivirus Service (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12959 bytes


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
    Run by HP at 15:46:18 on 2012-07-27
    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3966.1997 [GMT -4:00]
    .
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
    C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    C:\Program Files (x86)\Ralink\Common\RaUI.exe
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\Downloads\HiJackThis (1).exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_ActiveX.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    uRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
    uRun: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRunOnce: [SpybotDeletingB5052] command.com /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    uRunOnce: [SpybotDeletingD9974] cmd.exe /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
    uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
    mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRun: [Info Center] C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
    mRun: [PC Pitstop PC Matic Reminder] C:\Program Files (x86)\PCPitstop\PC Matic\Reminder-PCMatic.exe
    mRun: [PC Pitstop Diskmd3 Reminder] C:\Program Files (x86)\PCPitstop\DiskMD3\Reminder-Diskmd3.exe
    mRunOnce: [SpybotDeletingA6811] command.com /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    mRunOnce: [SpybotDeletingC2572] cmd.exe /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    dRun: [20090604] C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.exe /r "C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.rpd"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RALINK~1.LNK - C:\Program Files (x86)\Ralink\Common\RaUI.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Free YouTube Download - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Free YouTube to MP3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} - hxxp://www.cyberlink.com/prog/win7/js/UpdateAdvisor.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.shockwave.com/content/heavyweapon/sis/popcaploader_v10.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{0A9AD0CA-4EC4-45C6-8D47-19E45E95599D} : DhcpNameServer = 66.82.4.8
    TCP: Interfaces\{389B61E4-0C16-4078-9447-F684DE31E424} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{4C8B2FCB-16B3-456F-8F35-6C5D98A49F05} : DhcpNameServer = 192.168.42.129
    TCP: Interfaces\{6BDE2193-66C4-45FE-9427-FCF25808BB15} : DhcpNameServer = 192.168.42.129
    TCP: Interfaces\{AFC46BC8-F915-451E-833D-EC51CBC72303} : DhcpNameServer = 192.168.1.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    BHO-X64: Ad-Aware Security Toolbar - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    mRun-x64: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    mRun-x64: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    mRun-x64: [Info Center] C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
    mRun-x64: [PC Pitstop PC Matic Reminder] C:\Program Files (x86)\PCPitstop\PC Matic\Reminder-PCMatic.exe
    mRun-x64: [PC Pitstop Diskmd3 Reminder] C:\Program Files (x86)\PCPitstop\DiskMD3\Reminder-Diskmd3.exe
    mRunOnce-x64: [SpybotDeletingA6811] command.com /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    mRunOnce-x64: [SpybotDeletingC2572] cmd.exe /c del "C:\Program Files (x86)\Complitly\[email protected]\chrome\content\options.xul"
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.gamehouse.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\Program Files (x86)\HughesNet Download Manager\Firefox\Extension\components\vmsfdmff.dll
    FF - component: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko19.dll
    FF - component: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko5.dll
    FF - component: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko6.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\HP\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\plugins\np-mswmp.dll
    FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R0 SI3112r;ATI 4379 SATARaid Controller;C:\Windows\system32\DRIVERS\SI3112r.sys --> C:\Windows\system32\DRIVERS\SI3112r.sys [?]
    R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);C:\Windows\system32\DRIVERS\tdrpm258.sys --> C:\Windows\system32\DRIVERS\tdrpm258.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/10/08 11:33:17];C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2009-9-1 146928]
    R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-10-8 2480048]
    R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
    R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2012-3-26 374112]
    R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2012-3-26 451936]
    R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-7-27 267488]
    R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
    R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
    S2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-7-12 1239952]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 RaMediaServer;RaMediaServer;C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2012-3-26 619872]
    S2 SBAMSvc;GFI VIPRE Antivirus Service;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
    S2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]
    S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-7-27 1153368]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 113120]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
    S3 PCPitstop Scheduling;PCPitstop Scheduling;C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [2012-7-27 91848]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-07-27 18:38:06 -------- d-----w- C:\Users\HP\AppData\Local\adaware
    2012-07-27 18:37:53 0 ----a-w- C:\Users\HP\AppData\Roaming\adaware-installer-reboot-required.tmp
    2012-07-27 18:37:49 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys
    2012-07-27 18:37:48 45936 ----a-w- C:\Windows\System32\sbbd.exe
    2012-07-27 18:36:23 -------- d-----w- C:\Users\HP\AppData\Local\Downloaded Installations
    2012-07-27 18:32:03 -------- d-----w- C:\Users\HP\AppData\Local\adawarebp
    2012-07-27 18:31:41 -------- d-----w- C:\Program Files (x86)\adawaretb
    2012-07-27 17:25:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-07-27 17:25:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-07-27 17:08:03 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C14610B-7759-4FB7-81D9-D4F80C174D86}\gapaengine.dll
    2012-07-27 17:08:00 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2AF2DDAE-8A1F-4F14-8AA9-B1883AC19DE8}\mpengine.dll
    2012-07-27 17:06:07 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2012-07-27 17:06:04 -------- d-----w- C:\Program Files\Microsoft Security Client
    2012-07-27 11:15:04 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-27 10:54:47 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2012-07-27 10:51:03 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-07-27 10:50:55 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-07-27 10:50:42 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-07-27 10:50:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-07-24 16:37:11 -------- d-----w- C:\Program Files (x86)\Total Video Converter
    2012-07-18 19:53:29 -------- d-----w- C:\Program Files (x86)\Oracle
    2012-07-15 13:15:18 -------- d-----w- C:\Users\HP\AppData\Roaming\rokapublish
    2012-07-12 16:18:00 -------- d-----w- C:\Users\HP\AppData\Roaming\Synthesia
    2012-07-12 04:30:52 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus
    2012-07-12 04:29:07 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
    2012-07-12 04:29:01 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner
    2012-07-12 04:16:35 -------- d-----w- C:\Users\HP\AppData\Roaming\Ad-Aware Antivirus
    2012-07-11 16:36:44 -------- d-----w- C:\Users\HP\AppData\Roaming\Boolat Games
    2012-07-07 01:22:14 -------- d-----w- C:\Program Files (x86)\Snood
    2012-07-06 15:43:39 -------- d-----w- C:\Users\HP\AppData\Local\YoYo_Games_Ltd
    2012-07-06 15:43:27 -------- d-----w- C:\Users\HP\AppData\Local\GameMaker8.1
    2012-07-06 15:42:54 -------- d-----w- C:\Users\HP\GameMaker 8.1
    2012-07-06 15:42:54 -------- d-----w- C:\Users\HP\AppData\Roaming\GameMaker
    2012-07-01 20:22:12 -------- d-----w- C:\Users\HP\AppData\Local\MusE
    2012-07-01 20:21:52 -------- d-----w- C:\Program Files (x86)\MuseScore
    2012-06-29 20:14:05 -------- d-----w- C:\Program Files (x86)\Minecraft PC Gamer Demo
    2012-06-29 20:01:45 -------- d-----w- C:\Users\HP\AppData\Roaming\.minecraft
    .
    ==================== Find3M ====================
    .
    2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2012-05-27 00:27:24 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-27 00:27:23 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-05-04 11:00:43 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
    .
    ============= FINISH: 15:47:13.86 ===============
     
  2. lisaa7002

    lisaa7002 Thread Starter

    Bump- please :)
     
  3. lisaa7002

    lisaa7002 Thread Starter

    bump PLEASE... again....
     
  4. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi Lisaa7002, my name is Mark and I will be helping you.

    Reading your symptoms I would not suspect the problems to be Malware related, but we shall carry out some checks.

    First uninstall Adaware as it will cause conflicts with MSE; MSE is a much better Anti Virus.

    I would also advise you to uninstall Spybot S&D as it is no longer a recommended Anti Spyware program, then install SUPERAntiSpyware. Do not run any scans until requested.

    I would also advise you to uninstall Advanced SystemCare 3 as it is completely unnecessary and can do harm to the system; it may even be the cause of your problems.

    Now please follow these instructions and post the log produced. Please also post the Attach.txt log from DDS; you should find it on your desktop. If not, please repeat the scan and then copy and paste the log into your next reply.




    Please download Malwarebytes Anti-Malware and save it to your desktop.
    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
    • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
    • Malwarebytes will automatically check for updates as soon as it is launched.
    • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • Double click on the Malwarebytes icon on your desktop to launch the program
    • Under the Scanner tab, make sure the Perform Quick Scan option is selected.
    • Click on the Scan button.
    • When finished, a message box will say "The scan completed successfully. Click Show Results to display all objects found".
    • NOTE: If no detections are found, a log will automatically open in Notepad; please copy and paste the log back here and close all windows. In this case you do not need to continue.
    • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked and then click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
    • Exit Malwarebytes when done.
    If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again requires registration and purchase of a license key that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner.
    NOTE: Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
     
  5. lisaa7002

    lisaa7002 Thread Starter

    Thanks for the response. Just seeing this on my way to bed. Will uninstall Adaware, Spy, and Advanced 3 (thought that might be causing some problems - have only run it 2 times and this last time things seemed worse afterward). Will uninstall Mal too, before I reinstall & do as you asked. Was able to get MSE to update since I first posted, but device manager is still coming up blank.
     
  6. Mark1956

    Mark1956 Malware Specialist

    From what you have just posted it does sound likely that Advanced System Care may have made incorrect changes to the registry. I would suggest you use System Restore and take it back to before it was used; this may help correct the problem.

    Windows 7 System Restore Guide
     
  7. lisaa7002

    lisaa7002 Thread Starter

    Restored to earliest point it gave me. Device manager is still blank.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:23:24 AM, on 8/8/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    C:\Program Files (x86)\Ralink\Common\RaUI.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\Downloads\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1060933
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\HP\AppData\Roaming\Complitly\Complitly.dll
    O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll (file missing)
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
    O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKLM\..\Run: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    O4 - HKCU\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    O4 - HKCU\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [20090604] C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.exe /r "C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.rpd" (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [20090604] C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.exe /r "C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.rpd" (User 'Default user')
    O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    O16 - DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} (CUpdateAdvisorCtrl Object) - http://www.cyberlink.com/prog/win7/js/UpdateAdvisor.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/heavyweapon/sis/popcaploader_v10.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    O23 - Service: RaMediaServer - Unknown owner - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11625 bytes
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
    Run by HP at 10:27:24 on 2012-08-08
    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3966.2011 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
    C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
    C:\Program Files (x86)\Freecorder\FLVSrvc.exe
    C:\Program Files (x86)\Ralink\Common\RaUI.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
    C:\Windows\system32\taskhost.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\HP\Downloads\HiJackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    mURLSearchHooks: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Complitly: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Users\HP\AppData\Roaming\Complitly\Complitly.dll
    BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    uRun: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
    uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
    uRun: [Google Update] "C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    dRun: [20090604] C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.exe /r "C:\Program Files (x86)\Encore\Hoyle\RegApp\encore_reg.rpd"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RALINK~1.LNK - C:\Program Files (x86)\Ralink\Common\RaUI.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Free YouTube Download - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Free YouTube to MP3 Converter - C:\Users\HP\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} - hxxp://www.cyberlink.com/prog/win7/js/UpdateAdvisor.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.shockwave.com/content/heavyweapon/sis/popcaploader_v10.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{0A9AD0CA-4EC4-45C6-8D47-19E45E95599D} : DhcpNameServer = 66.82.4.8
    TCP: Interfaces\{389B61E4-0C16-4078-9447-F684DE31E424} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{4C8B2FCB-16B3-456F-8F35-6C5D98A49F05} : DhcpNameServer = 192.168.42.129
    TCP: Interfaces\{6BDE2193-66C4-45FE-9427-FCF25808BB15} : DhcpNameServer = 192.168.42.129
    TCP: Interfaces\{AFC46BC8-F915-451E-833D-EC51CBC72303} : DhcpNameServer = 192.168.1.1
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\HP\AppData\Roaming\Complitly\Complitly.dll
    BHO-X64: Complitly - No File
    BHO-X64: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    BHO-X64: Freecorder - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll"
    TB-X64: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll
    TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
    mRun-x64: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.gamehouse.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\Program Files (x86)\HughesNet Download Manager\Firefox\Extension\components\vmsfdmff.dll
    FF - component: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko19.dll
    FF - component: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko5.dll
    FF - component: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko6.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\HP\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9slmbad6.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\plugins\np-mswmp.dll
    FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R0 SI3112r;ATI 4379 SATARaid Controller;C:\Windows\system32\DRIVERS\SI3112r.sys --> C:\Windows\system32\DRIVERS\SI3112r.sys [?]
    R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);C:\Windows\system32\DRIVERS\tdrpm258.sys --> C:\Windows\system32\DRIVERS\tdrpm258.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/10/08 11:33:17];C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2009-9-1 146928]
    R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-10-8 2480048]
    R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2012-3-26 374112]
    R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [2012-3-26 451936]
    R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE [2012-2-10 240408]
    R3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE [2012-2-10 193816]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 RaMediaServer;RaMediaServer;C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2012-3-26 619872]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 250056]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-3 113120]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-08-08 14:20:06 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F74038A-A020-457B-8498-BDF2B5C0BCB9}\offreg.dll
    2012-08-07 15:21:18 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5553B2B3-E372-4D75-A73D-6AE8192B3C6E}\gapaengine.dll
    2012-08-07 14:51:20 9013136 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1F74038A-A020-457B-8498-BDF2B5C0BCB9}\mpengine.dll
    2012-08-07 14:16:38 -------- d-----w- C:\ProgramData\GFI Software
    2012-07-30 14:30:56 -------- d-----w- C:\Judy McGown
    2012-07-29 04:01:47 -------- d-----w- C:\Users\HP\AppData\Roaming\WeatherBug
    2012-07-27 18:36:23 -------- d-----w- C:\Users\HP\AppData\Local\Downloaded Installations
    2012-07-27 18:32:03 -------- d-----w- C:\Users\HP\AppData\Local\adawarebp
    2012-07-27 17:25:24 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-07-27 17:25:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-07-24 16:37:11 -------- d-----w- C:\Program Files (x86)\Total Video Converter
    2012-07-18 19:53:29 -------- d-----w- C:\Program Files (x86)\Oracle
    2012-07-18 19:25:00 -------- d-----w- C:\Program Files (x86)\Conduit
    2012-07-18 19:24:57 -------- d-----w- C:\Users\HP\AppData\Local\Conduit
    2012-07-18 19:23:53 -------- d-----w- C:\Users\HP\AppData\Roaming\Complitly
    2012-07-18 19:23:53 -------- d-----w- C:\Program Files (x86)\Complitly
    2012-07-16 14:09:54 9013136 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-07-15 13:15:18 -------- d-----w- C:\Users\HP\AppData\Roaming\rokapublish
    2012-07-12 16:18:00 -------- d-----w- C:\Users\HP\AppData\Roaming\Synthesia
    2012-07-12 07:17:57 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-12 04:30:58 119416 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
    2012-07-12 04:29:07 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection
    2012-07-11 16:36:44 -------- d-----w- C:\Users\HP\AppData\Roaming\Boolat Games
    2012-07-11 14:04:29 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2012-07-11 14:04:28 1881600 ----a-w- C:\Windows\System32\msxml3.dll
    2012-07-11 14:04:28 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2012-07-11 14:04:27 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2012-07-11 14:04:27 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2012-07-11 14:04:27 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2012-07-11 13:53:58 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
    2012-07-11 13:53:57 340992 ----a-w- C:\Windows\System32\schannel.dll
    2012-07-11 13:53:57 307200 ----a-w- C:\Windows\System32\ncrypt.dll
    2012-07-11 13:53:57 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
    2012-07-11 13:53:57 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2012-07-11 13:53:57 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2012-07-11 13:53:56 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2012-07-11 13:53:56 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2012-07-11 13:53:55 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    .
    ==================== Find3M ====================
    .
    2012-08-07 16:34:52 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-08-07 16:34:51 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-30 15:08:31 249856 ----a-w- C:\Windows\Setup1.exe
    2012-06-30 15:08:30 73216 ----a-w- C:\Windows\ST6UNST.EXE
    2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
    2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
    2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 10:27:58.88 ===============
     
  8. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    There was no need to post new logs from DDS or HJT unless I asked for them ;).

    Please now follow the instructions given earlier to run Malwarebytes and post the log. Also run the System File Checker:


    Windows 7 System File Checker
    • Click on Start and type cmd in the search box. Right-click on cmd in the popup menu and select Run as Administrator.
    • Another box will open. At the Command Prompt, type sfc /scannow and press Enter. (Note the gap between the c and the /)
    • Let the check run to completion.

    To find the log
    • Copy & paste the following command at the Command Prompt and press Enter:
      findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt
    • This will place a file on your desktop called sfcdetails.txt which contains the results of the scan.
    • Zip up the file and attach it to your next post.
     
  9. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Due to the lack of response I am now marking this thread as resolved.

    If you do wish to continue then please post back and let me know.

    My spare time is limited for dealing with Malware problems so I will only subscribe to a certain number of threads at any one time to be sure I have sufficient time available to analyse logs without having to rush or delay my replies. All the time that I am waiting for replies is time I could be using to help someone else.
     