
Mr

Discussion in 'Virus & Other Malware Removal' started by obxtony, Apr 6, 2012.

  1. obxtony

    obxtony Thread Starter

    Hello again ...after a long absence!
    I recently lost my wife, and during the time I was carrying out my legal duties etc. my daughter and grandson were staying with me. I allowed my grandson full use of my PC, but since then it has not been working properly. Programs stop, when I type the typing stops, when I try and connect either Yahoo Messenger or MSN Messenger the connection is intermittent. I bought and loaded the full version of AVG and ran a FULL scan. It came up with a LOT of viruses which it had removed; some it said it could NOT remove. These were all Trojan Horse_r.BFJ. I consequently bought and downloaded several other AVs and scanned the PC. Many viruses were captured and removed, and now when I do a full scan with AVG it says my PC is clean. However, I still have the remaining problems that the PC is slow and again sometimes typing is intermittent. The messengers are both very bad still. When I first tried to download these antiviruses the PC would not let me, so I had to download to a CD from a friend's laptop. I also notice that my HP PC does not come with a Windows 7 CD, so I have no way of doing a full system restore. ALSO!! I cannot restore my PC to a previous restore point.
    Any help would be (as usual) gratefully accepted.
    I beg you to remember that I am 74 years old and not the brightest spark in the fire!!
    I hope I get these downloads right.
    Again, with anticipation, my deepest thanks
    obxtony (Tony Cahill).
    Here is the HijackThis log:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:03:27, on 04/04/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe
    C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com/?fr=fp-yie9
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.woofi.info
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blekkosearch.mystart.com/ble...20120403C51C45BCA912C390D5232A64&tbp=homepage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.woofi.info
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    R3 - URLSearchHook: (no name) - {f24df03f-d7f1-40b8-a63a-9d2be4908f39} - C:\Program Files (x86)\Maps4PC_0c\bar\1.bin\0cSrcAs.dll (file missing)
    O1 - Hosts: 94.63.147.22 www.google.com
    O1 - Hosts: 94.63.147.23 www.bing.com
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
    O2 - BHO: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: AVG Do-Not-Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Blekko search bar - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
    O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
    O2 - BHO: ALOT Appbar Helper - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Paltalk Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O3 - Toolbar: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
    O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)
    O3 - Toolbar: ALOT Appbar - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
    O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Blekko search bar - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    O4 - HKLM\..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
    O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
    O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
    O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKCU\..\Run: [PC Speed Maximizer] "C:\Program Files (x86)\PC Speed Maximizer\SPMStarter.exe"
    O4 - HKCU\..\Run: [SPMTray] "C:\Program Files (x86)\PC Speed Maximizer\SPMTray.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} (PCMaticVer Class) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: z12vwxn8ry232.dlla2pwj44x2ky32.dllgx4pxwbpl5r32.dll xngpel832.dllzmmgppy932.dllv98rwrukq3ik32.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bandoo Coordinator - Unknown owner - C:\PROGRA~2\Bandoo\Bandoo.exe (file missing)
    O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    --
    End of file - 20743 bytes

    Here is the DDS.txt file:

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by tony at 9:54:22 on 2012-04-06
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.6103.3915 [GMT 1:00]
    .
    AV: Doctor Web Anti-Virus *Disabled/Updated* {A8C161B2-600A-42FD-97E0-4C12952A9FEC}
    AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: Doctor Web Anti-Virus *Disabled/Updated* {13A08056-4630-4D73-AD50-7760EEADD551}
    SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
    C:\Program Files (x86)\DrWeb\spideragent.exe
    C:\Program Files (x86)\DrWeb\dwservice.exe
    C:\Program Files (x86)\DrWeb\dwnetfilter.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
    C:\Windows\SysWOW64\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
    C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\ehome\ehRecvr.exe
    C:\Windows\ehome\mcGlidHost.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://blekkosearch.mystart.com/blekkotb_soc/?source=86adbc52&toolbarid=blekkotb_soc&u=20120403C51C45BCA912C390D5232A64&tbp=homepage
    uDefault_Page_URL = hxxp://uk.yahoo.com/?fr=fp-yie9
    uSearch Page = hxxp://uk.woofi.info
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
    mStart Page = hxxp://www.yahoo.com/?ilc=8
    mSearch Page = hxxp://uk.woofi.info
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    uURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    uURLSearchHooks: N/A: {f24df03f-d7f1-40b8-a63a-9d2be4908f39} - C:\Program Files (x86)\Maps4PC_0c\bar\1.bin\0cSrcAs.dll
    mURLSearchHooks: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - MediaBar
    BHO: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    BHO: PriceGong: {1631550f-191d-4826-b069-d9439253d926} - PriceGongBHO Class
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    BHO: AVG Do-Not-Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Blekko search bar: {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
    BHO: Searchqu Toolbar: {7ff99715-3016-4381-84ce-e4e4c9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
    BHO: ALOT Appbar Helper: {85f5cf95-ec8f-49fc-bb3f-38c79455cba2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Paltalk Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: Paltalk Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    TB: Searchqu Toolbar: {7ff99715-3016-4381-84ce-e4e4c9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
    TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} -
    TB: ALOT Appbar: {a531d99c-5a22-449b-83da-872725c6d0ed} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
    TB: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Blekko search bar: {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [SPMTray] "C:\Program Files (x86)\PC Speed Maximizer\SPMTray.exe"
    uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
    mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
    mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [TaskTray]
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: HideFastUserSwitching = 0 (0x0)
    mPolicies-system: New Value #1 =
    IE: &Search
    IE: Check by Dr.Web - http://www.drweb.com/static/online/drweb-online-en.html
    IE: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
    IE: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
    IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
    IE: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
    IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DA58ACA7-18A6-403A-93DA-6E4172D43709} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/da2/PCPitStop2.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{14A415D3-A49B-4310-B7F9-59487581C101} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{15CC91D2-E2F2-455A-BD8A-2C60E42E189A} : DhcpNameServer = 192.168.1.254
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: z12vwxn8ry232.dlla2pwj44x2ky32.dllgx4pxwbpl5r32.dll xngpel832.dllzmmgppy932.dllv98rwrukq3ik32.dll
    SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: {0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar
    BHO-X64: MediaBar - No File
    BHO-X64: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    BHO-X64: {1631550F-191D-4826-B069-D9439253D926} - PriceGongBHO Class
    BHO-X64: PriceGong - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    BHO-X64: Conduit Engine - No File
    BHO-X64: AVG Do-Not-Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO-X64: AVG Do-Not-Track - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Blekko search bar: {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
    BHO-X64: Blekko search bar - No File
    BHO-X64: Searchqu Toolbar: {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
    BHO-X64: Searchqu Toolbar - No File
    BHO-X64: ALOT Appbar Helper: {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
    BHO-X64: ALOT Appbar Helper - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    BHO-X64: Vuze Remote - No File
    BHO-X64: FDMIECookiesBHO Class: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Paltalk Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-X64: Ask Toolbar BHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB-X64: Paltalk Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB-X64: Radio Bar 1 Toolbar: {0fc85f5d-6207-4515-a490-45a549d285c0} - C:\Program Files (x86)\Radio_Bar_1\tbRadi.dll
    TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuz2.dll
    TB-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
    TB-X64: Searchqu Toolbar: {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
    TB-X64: MediaBar: {0974BA1E-64EC-11DE-B2A5-E43756D89593} -
    TB-X64: ALOT Appbar: {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
    TB-X64: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: Blekko search bar: {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files (x86)\blekkotb_soc\blekkotb_019X.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    mRun-x64: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    mRun-x64: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe
    mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [TaskTray]
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    IE-X64: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
    AppInit_DLLs-X64: z12vwxn8ry232.dlla2pwj44x2ky32.dllgx4pxwbpl5r32.dll xngpel832.dllzmmgppy932.dllv98rwrukq3ik32.dll
    SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
    Hosts: 94.63.147.22 www.google.com
    Hosts: 94.63.147.23 www.bing.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
    R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\avgidseha.sys --> C:\Windows\system32\DRIVERS\avgidseha.sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R0 DwProt;DrWeb Protection;C:\Windows\system32\drivers\dwprot.sys --> C:\Windows\system32\drivers\dwprot.sys [?]
    R0 RapportKE64;RapportKE64;C:\Windows\system32\Drivers\RapportKE64.sys --> C:\Windows\system32\Drivers\RapportKE64.sys [?]
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
    R0 SpiderG3;DrWeb file system scanner;C:\Windows\system32\drivers\spiderg3.sys --> C:\Windows\system32\drivers\spiderg3.sys [?]
    R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
    R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 DrWebWfp;DrWebWfp;C:\Windows\system32\drivers\dw_wfp.sys --> C:\Windows\system32\drivers\dw_wfp.sys [?]
    R1 nnfwdk;Nielsen WFP Driver;C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\nnfwdk64.sys [2012-3-18 25648]
    R1 RapportCerberus_34302;RapportCerberus_34302;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus64_34302.sys [2011-12-7 397520]
    R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-3-7 55056]
    R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-3-7 296048]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-19 140672]
    R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2010/01/07 20:24:33];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2010-1-7 146928]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-2-14 2316624]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-2-14 5104992]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 CDMA Device Service;CDMA Device Service;C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-9-25 159232]
    R2 DrWebAVService;Dr.Web Control Service;C:\Program Files (x86)\DrWeb\dwservice.exe --loglevel=inf --logfile="C:\ProgramData\Doctor Web\Logs\dwservice.log" --> C:\Program Files (x86)\DrWeb\dwservice.exe --loglevel=inf --logfile=C:\ProgramData\Doctor Web\Logs\dwservice.log [?]
    R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2012-4-5 1914792]
    R2 DrWebNetFilter;Dr.Web Net Filtering Service;C:\Program Files (x86)\DrWeb\dwnetfilter.exe [2012-4-5 3031352]
    R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-1-7 13336]
    R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-3-17 821592]
    R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-9-1 523136]
    R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-3-7 976696]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AVER_H193;AVerMedia H193 Video Capture;C:\Windows\system32\drivers\AVer888RC_64.sys --> C:\Windows\system32\drivers\AVer888RC_64.sys [?]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
    R3 CXCIR;AVerMedia Consumer Infrared Receiver;C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys --> C:\Windows\system32\DRIVERS\AVer888RCIR_64.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-11 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-1 253600]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-11 135664]
    S3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
    S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
    S3 LVUVC64;Logitech Webcam 120(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
    S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2009-9-17 23536]
    S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2012-3-17 33184]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
    S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2011-1-8 16392]
    S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-3-17 21872]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-3-17 21384]
    S4 NielsenUpdate;Nielsen Update;C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2012-3-18 306496]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-04-05 19:52:47 -------- d-sh--w- C:\DrWeb Quarantine
    2012-04-05 19:52:11 -------- d-----w- C:\Users\tony\AppData\Local\{9736F8A5-2C6F-4525-BA7C-C6DB789CE4A7}
    2012-04-05 19:52:01 -------- d-----w- C:\Users\tony\AppData\Local\{EE89EB67-0EC3-4C73-A05F-1989EFD85538}
    2012-04-05 19:51:23 -------- d-----w- C:\Users\tony\AppData\Local\{0FE452DD-D14E-4681-B38D-50BC06F5E0AB}
    2012-04-05 19:19:52 -------- d-----w- C:\Users\tony\AppData\Local\{6A63525C-CECC-45C8-ADDD-3CFBBB397684}
    2012-04-05 19:19:19 -------- d-----w- C:\Users\tony\Doctor Web
    2012-04-05 19:16:02 71896 ----a-w- C:\Windows\System32\drivers\dw_wfp.sys
    2012-04-05 19:15:47 223960 ----a-w- C:\Windows\System32\drivers\spiderg3.sys
    2012-04-05 19:15:43 206552 ----a-w- C:\Windows\System32\drivers\dwprot.sys
    2012-04-05 19:15:24 -------- d-----w- C:\Program Files\Common Files\Doctor Web
    2012-04-05 19:15:09 -------- d-----w- C:\Program Files (x86)\DrWeb
    2012-04-04 20:20:17 -------- d-----w- C:\Program Files (x86)\Trojan Remover
    2012-04-04 19:39:39 691 ----a-w- C:\Users\tony\AppData\Roaming\GetValue.vbs
    2012-04-04 19:39:39 35 ----a-w- C:\Users\tony\AppData\Roaming\SetValue.bat
    2012-04-04 19:37:22 5288 ----a-w- C:\Windows\SysWow64\tmp.reg
    2012-04-04 19:16:41 388096 ----a-r- C:\Users\tony\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-04-04 19:16:38 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2012-04-04 13:11:54 -------- d-----w- C:\ProgramData\Doctor Web
    2012-04-04 13:00:09 -------- d-----w- C:\Users\tony\AppData\Local\{05CDD276-D8EB-470D-BEEE-5F884B7CD010}
    2012-04-04 12:59:33 -------- d-----w- C:\Users\tony\AppData\Local\{AE25F25F-56DB-45D6-8383-20B62CA3C443}
    2012-04-03 19:43:19 -------- d-----w- C:\Users\tony\AppData\Local\FileTypeAssistant
    2012-04-03 19:42:07 -------- d-----w- C:\Program Files (x86)\File Type Assistant
    2012-04-03 17:37:40 -------- d-----w- C:\Users\tony\AppData\Local\{43822405-A0B3-48A8-A2D8-F9FA6492E5D9}
    2012-04-03 17:37:15 -------- d-----w- C:\Users\tony\AppData\Local\{9B47A818-941C-4DBB-9E95-CAF8FCA90AF4}
    2012-04-03 17:31:11 -------- d-----w- C:\Windows\en
    2012-04-03 17:27:06 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
    2012-04-03 17:22:05 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\49e3c6cc1cd11be05\bingbarsetup.exe
    2012-04-03 17:21:40 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3ab9c82a1cd11be04\MeshBetaRemover.exe
    2012-04-03 17:21:36 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\37acd5f71cd11be03\DSETUP.dll
    2012-04-03 17:21:36 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\37acd5f71cd11be03\DXSETUP.exe
    2012-04-03 17:21:36 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\37acd5f71cd11be03\dsetup32.dll
    2012-04-03 17:20:25 -------- d-----w- C:\Users\tony\AppData\Roaming\PC Speed Maximizer
    2012-04-03 16:51:00 -------- d-----w- C:\Users\tony\AppData\Local\antiphishing-vmninternethelper1_1dn
    2012-04-03 16:50:38 -------- d-----w- C:\Program Files (x86)\blekkotb_soc
    2012-04-03 16:49:57 -------- d-----w- C:\Program Files (x86)\PC Speed Maximizer
    2012-04-03 16:49:47 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
    2012-04-03 16:49:21 -------- d-----w- C:\ProgramData\blekko toolbars
    2012-04-03 13:07:27 -------- d-----w- C:\Users\tony\DoctorWeb
    2012-04-03 12:18:46 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2012-04-03 12:18:43 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-04-02 14:36:00 -------- d-----w- C:\Users\tony\AppData\Roaming\AVG2012
    2012-04-02 14:34:47 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
    2012-04-02 14:34:16 -------- d--h--w- C:\$AVG
    2012-04-02 14:34:16 -------- d-----w- C:\Windows\System32\drivers\AVG
    2012-04-02 13:51:43 -------- d-----w- C:\Users\tony\AppData\Local\{8BE1E50B-6B31-4511-B0A3-2DDDAC12D6FB}
    2012-04-02 13:19:23 -------- d-----w- C:\Program Files (x86)\Avast
    2012-04-02 12:12:35 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E1DCB5D8-88CF-4774-BB24-ABC59F0BCECC}\mpengine.dll
    2012-04-02 11:35:53 -------- d-----w- C:\ProgramData\Alwil Software
    2012-04-01 20:30:41 -------- d-----w- C:\Users\tony\AppData\Local\{A8DB2F49-72AC-4100-AEF6-AF1C4C00B992}
    2012-04-01 19:20:57 -------- d-----w- C:\Program Files (x86)\Medea International Ltd
    2012-04-01 19:10:05 -------- d-----w- C:\Program Files (x86)\Easy CD & DVD Cover Creator
    2012-04-01 12:17:12 -------- d-----w- C:\Users\tony\AppData\Local\{63031E79-5994-47C3-A62B-7E3F16D3BC6B}
    2012-04-01 08:22:24 8738464 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-04-01 07:45:22 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-03-31 20:40:48 -------- d-----w- C:\Users\tony\AppData\Local\{857B99DD-E471-44B7-9D75-EB93AC8824D3}
    2012-03-30 15:35:20 -------- d-----w- C:\Users\tony\AppData\Local\{2BE6239F-2354-49CF-B5B5-B4C252A1FC21}
    2012-03-29 12:04:26 -------- d-----w- C:\Users\tony\AppData\Local\{9C756B8E-2D97-4233-A6EF-E63260A03254}
    2012-03-28 11:50:23 -------- d-----w- C:\Users\tony\AppData\Local\{446D9E88-128B-449A-BCE0-16FC00C42158}
    2012-03-27 14:17:57 -------- d-----w- C:\Users\tony\AppData\Local\{4F060886-1E38-4688-B88B-F8EC7FF14681}
    2012-03-27 14:17:23 -------- d-----w- C:\Users\tony\AppData\Local\{9DECEF7E-AF7E-407A-9AFE-9A2810C8BC9F}
    2012-03-26 18:43:28 -------- d-----w- C:\Users\tony\AppData\Roaming\NCH Software
    2012-03-26 18:24:45 -------- d-----w- C:\Users\tony\AppData\Local\TempDIR
    2012-03-26 15:00:00 -------- d-----w- C:\Users\tony\AppData\Local\{AD78B362-22BB-40CC-8DDE-3A80AEDA3BF0}
    2012-03-26 14:59:26 -------- d-----w- C:\Users\tony\AppData\Local\{DB4E6178-9220-4CC1-A907-8C4A748864AC}
    2012-03-25 12:24:43 -------- d-----w- C:\Users\tony\AppData\Local\{E70BEA43-EE38-4B90-A0D0-CC548B418F1E}
    2012-03-25 12:24:32 -------- d-----w- C:\Users\tony\AppData\Local\{C174684F-B933-48DA-9705-55BAD924DFDC}
    2012-03-24 11:25:14 -------- d-----w- C:\Users\tony\AppData\Local\{849B5759-7852-4C16-A587-DF56D1150EA5}
    2012-03-24 11:24:40 -------- d-----w- C:\Users\tony\AppData\Local\{01FAD4A7-E417-4E09-9764-76CBE8829BDE}
    2012-03-23 11:01:03 -------- d-----w- C:\Users\tony\AppData\Local\{A9929552-2911-405F-AA91-9BEA9F27082D}
    2012-03-23 11:00:29 -------- d-----w- C:\Users\tony\AppData\Local\{4C5C1DF7-380F-4600-A527-60E56CD5BA2D}
    2012-03-22 18:54:38 -------- d-----w- C:\Users\tony\AppData\Local\{94A1ECFB-DF46-47D2-B106-D853457126AE}
    2012-03-22 18:54:04 -------- d-----w- C:\Users\tony\AppData\Local\{24D3FA49-06C1-44B6-B683-53686ADE2D5F}
    2012-03-21 15:26:27 -------- d-----w- C:\Users\tony\AppData\Local\{DF9A6783-B1C2-445D-AD89-C2AB4C6478D0}
    2012-03-21 15:25:54 -------- d-----w- C:\Users\tony\AppData\Local\{E32EE5AA-30BC-47D4-BC9E-A71A2B8E9136}
    2012-03-21 12:45:26 -------- d-----w- C:\Users\tony\AppData\Local\{834ED68F-4F61-465C-B4AC-F1884944BBE2}
    2012-03-20 21:27:58 -------- d-----w- C:\Users\tony\AppData\Local\{DC935FC3-0C2B-4127-BC0F-7D7E85337B0E}
    2012-03-20 21:27:24 -------- d-----w- C:\Users\tony\AppData\Local\{4245FF05-0B0E-49B7-A8EB-1CF0F3B774F5}
    2012-03-19 10:01:41 -------- d-----w- C:\Users\tony\AppData\Local\{AD552651-31B8-4E97-84C9-C49E8D7D9AC6}
    2012-03-19 10:01:07 -------- d-----w- C:\Users\tony\AppData\Local\{07D25B5A-17C4-4616-AAE1-020AB012BC1B}
    2012-03-18 14:17:06 -------- d-----w- C:\Users\tony\AppData\Local\{C5D1C926-6914-430D-9D25-E9EB099BCDAE}
    2012-03-18 14:16:43 -------- d-----w- C:\Users\tony\AppData\Local\{17022418-EFB5-48E8-8915-60F28EEA680A}
    2012-03-18 13:55:12 -------- d-----w- C:\Program Files (x86)\NetRatingsNetSight
    2012-03-17 19:27:31 -------- d-----w- C:\Users\tony\AppData\Local\{C7291D45-499C-4F2A-9EA0-E2AE88AEA7B5}
    2012-03-17 19:27:11 -------- d-----w- C:\Users\tony\AppData\Local\{EEE64569-14D4-47ED-A8A7-6741340A89F9}
    2012-03-17 19:07:15 -------- d-----w- C:\Windows\SysWow64\TVUAx
    2012-03-17 13:17:43 -------- d-----w- C:\ProgramData\2B3F
    2012-03-17 09:42:38 -------- dc-h--w- C:\ProgramData\~0
    2012-03-16 14:50:34 -------- d-----w- C:\Users\tony\AppData\Local\{4A92015F-8B2A-4231-A519-69C6F5680023}
    2012-03-16 14:50:14 -------- d-----w- C:\Users\tony\AppData\Local\{63ACDDB5-591D-4101-922C-261D90664994}
    2012-03-15 16:31:31 -------- d-----w- C:\Users\tony\AppData\Roaming\WildTangent
    2012-03-15 15:51:17 -------- d-----w- C:\Users\tony\AppData\Local\{55F35A7D-3476-4475-AF8C-D88979F17CC6}
    2012-03-15 15:50:56 -------- d-----w- C:\Users\tony\AppData\Local\{CD3F0C06-74D2-4139-8771-DC8D9B94E9D5}
    2012-03-14 15:57:49 -------- d-----w- C:\Users\tony\AppData\Local\{3EE7F7A3-C7D2-4E21-900D-B1E9629FE9A1}
    2012-03-14 15:57:29 -------- d-----w- C:\Users\tony\AppData\Local\{34225C47-E35C-4AE5-867C-46777366C0AC}
    2012-03-13 16:36:54 -------- d-----w- C:\Users\tony\AppData\Local\{7DC91A46-5D37-48E8-A060-108191ACD86F}
    2012-03-13 16:36:33 -------- d-----w- C:\Users\tony\AppData\Local\{50243C6D-E12B-4D34-BF69-9DE3A099A3B5}
    2012-03-12 14:40:03 -------- d-----w- C:\Users\tony\AppData\Local\{C6105D5A-7429-410C-968F-7BCADE6F32C2}
    2012-03-12 14:39:42 -------- d-----w- C:\Users\tony\AppData\Local\{94863E65-1D04-4CB6-9EE1-8FF9AEC2DB8F}
    2012-03-11 16:48:05 -------- d-----w- C:\Users\tony\AppData\Local\{5336C159-AB8F-4C52-9643-B6D835F16802}
    2012-03-11 16:47:43 -------- d-----w- C:\Users\tony\AppData\Local\{19A98F3E-359A-433F-90C3-D29D4BDCDF1D}
    2012-03-10 16:37:17 -------- d-----w- C:\Users\tony\AppData\Local\{39A1E9AB-C72B-491E-8F0B-7B8E1B847C79}
    2012-03-10 16:36:55 -------- d-----w- C:\Users\tony\AppData\Local\{92D45C58-A3F9-46C5-89EB-F09A52E7429D}
    2012-03-10 15:13:40 -------- d-----w- C:\Users\tony\AppData\Local\{E2DDEE71-C799-4DB2-8024-432630E434E1}
    2012-03-09 19:09:34 -------- d-----w- C:\Users\tony\AppData\Local\{39E7FC80-45A4-47FA-8E51-32D4DFF92053}
    2012-03-09 19:09:14 -------- d-----w- C:\Users\tony\AppData\Local\{5375588E-106D-4DE8-B40C-5836B3A3156F}
    2012-03-09 15:59:47 -------- d-----w- C:\Program Files (x86)\BANDOO
    2012-03-08 17:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
    2012-03-08 17:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
    2012-03-08 15:57:17 -------- d-----w- C:\Users\tony\AppData\Local\{2150B0C7-FB93-4142-B443-F2C81B3B60FF}
    2012-03-08 15:56:57 -------- d-----w- C:\Users\tony\AppData\Local\{5EEFA0E6-B162-48E2-958D-4875C5B02E2C}
    2012-03-08 15:51:50 -------- d-----w- C:\ProgramData\AMD
    2012-03-08 15:51:49 -------- d-----w- C:\Program Files (x86)\AMD AVT
    2012-03-08 15:51:47 -------- d-----w- C:\Program Files (x86)\AMD APP
    2012-03-07 14:56:18 -------- d-----w- C:\Users\tony\AppData\Local\{7103364B-6267-43B4-BDBD-3AEE6F35A994}
    2012-03-07 14:55:56 -------- d-----w- C:\Users\tony\AppData\Local\{FD50A641-5E44-4FE3-92A3-05F7BECABA58}
    .
    ==================== Find3M ====================
    .
    2012-04-01 08:22:51 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-03-25 19:13:06 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2012-03-25 19:13:06 282864 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2012-03-25 19:12:25 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2012-03-20 21:32:48 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2012-03-07 20:12:58 101360 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
    2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2012-02-22 04:25:50 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2012-02-22 04:25:32 289872 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2012-02-15 03:48:32 10856960 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2012-02-15 03:21:24 25839104 ----a-w- C:\Windows\System32\atio6axx.dll
    2012-02-15 03:18:56 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
    2012-02-15 03:18:40 791040 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2012-02-15 03:17:04 957952 ----a-w- C:\Windows\System32\aticfx64.dll
    2012-02-15 03:13:56 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2012-02-15 03:13:40 496128 ----a-w- C:\Windows\System32\atieclxx.exe
    2012-02-15 03:13:00 235520 ----a-w- C:\Windows\System32\atiesrxx.exe
    2012-02-15 03:11:42 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2012-02-15 03:10:58 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2012-02-15 03:10:54 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2012-02-15 03:10:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2012-02-15 03:07:44 6200320 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2012-02-15 02:58:56 19392000 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2012-02-15 02:52:28 7646208 ----a-w- C:\Windows\System32\atidxx64.dll
    2012-02-15 02:41:28 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
    2012-02-15 02:40:54 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2012-02-15 02:40:42 4958208 ----a-w- C:\Windows\System32\atiumd6a.dll
    2012-02-15 02:34:56 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2012-02-15 02:34:54 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2012-02-15 02:34:46 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2012-02-15 02:34:44 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2012-02-15 02:34:36 5954048 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2012-02-15 02:34:30 13859840 ----a-w- C:\Windows\System32\aticaldd64.dll
    2012-02-15 02:29:52 5062656 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2012-02-15 02:29:50 11561984 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2012-02-15 02:25:06 7551488 ----a-w- C:\Windows\System32\atiumd64.dll
    2012-02-15 02:16:38 58880 ----a-w- C:\Windows\System32\coinst.dll
    2012-02-15 02:14:00 512000 ----a-w- C:\Windows\System32\atiadlxx.dll
    2012-02-15 02:13:50 356352 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2012-02-15 02:13:36 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
    2012-02-15 02:13:32 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2012-02-15 02:13:32 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
    2012-02-15 02:13:28 39936 ----a-w- C:\Windows\System32\atig6txx.dll
    2012-02-15 02:13:20 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2012-02-15 02:13:12 327680 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2012-02-15 02:12:22 43008 ----a-w- C:\Windows\System32\atiuxp64.dll
    2012-02-15 02:12:14 33280 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2012-02-15 02:12:08 39936 ----a-w- C:\Windows\System32\atiu9p64.dll
    2012-02-15 02:12:00 30208 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2012-02-15 02:11:22 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\atimpc64.dll
    2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
    2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2012-02-14 22:05:32 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
    2012-02-14 22:05:26 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
    2012-02-14 22:05:20 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
    2012-02-14 22:05:16 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
    2012-02-14 22:05:08 16507904 ----a-w- C:\Windows\System32\amdocl64.dll
    2012-02-14 22:04:26 13238272 ----a-w- C:\Windows\SysWow64\amdocl.dll
    2012-02-14 22:03:44 54272 ----a-w- C:\Windows\System32\OpenCL.dll
    2012-02-14 22:03:38 48128 ----a-w- C:\Windows\SysWow64\OpenCL.dll
    2012-01-31 06:02:26 21504 ----a-w- C:\Windows\System32\kdbsdk64.dll
    2012-01-31 06:00:24 16896 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
    2012-01-31 03:46:48 36944 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    2012-01-18 06:44:52 540960 ----a-w- C:\Windows\SysWow64\LVUI2RC.dll
    2012-01-18 06:44:40 545056 ----a-w- C:\Windows\SysWow64\LVUI2.dll
    2012-01-18 06:44:36 561440 ----a-w- C:\Windows\System32\LVUIRC64.dll
    2012-01-18 06:44:36 4865568 ----a-w- C:\Windows\System32\drivers\LVUVC64.sys
    2012-01-18 06:44:28 769312 ----a-w- C:\Windows\System32\LVUI64.dll
    2012-01-18 06:44:28 351136 ----a-w- C:\Windows\System32\drivers\lvrs64.sys
    2012-01-18 06:44:26 307488 ----a-w- C:\Windows\SysWow64\LVCodec2.dll
    2012-01-18 06:44:26 263456 ----a-w- C:\Windows\System32\lvco13311044.dll
    2012-01-18 06:44:26 176416 ----a-w- C:\Windows\System32\LVCod64.dll
    2012-01-18 06:23:12 38958 ----a-w- C:\Windows\System32\Repository.reg
    .
    ============= FINISH: 9:54:46.67 ===============


    Here is the Attach.txt file:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 18/03/2010 20:32:35
    System Uptime: 06/04/2012 09:03:32 (0 hours ago)
    .
    Motherboard: MSI | | IONA
    Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz | CPU 1 | 2660/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 1385 GiB total, 949.388 GiB free.
    D: is FIXED (NTFS) - 13 GiB total, 1.724 GiB free.
    E: is CDROM ()
    H: is Removable
    I: is Removable
    J: is Removable
    K: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP489: 03/03/2012 18:54:01 - Revo Uninstaller's restore point - Battlelog Web Plugins
    RP490: 03/03/2012 18:58:02 - Revo Uninstaller's restore point - Origin
    RP491: 05/03/2012 10:55:01 - Installed Rapport
    RP492: 05/03/2012 15:44:43 - CheckIfInstallerIsBusy
    RP493: 05/03/2012 15:46:20 - Windows Live Essentials
    RP494: 05/03/2012 15:47:15 - Installed DirectX
    RP495: 05/03/2012 15:47:36 - Installed DirectX
    RP496: 05/03/2012 15:49:32 - WLSetup
    RP497: 08/03/2012 15:35:18 - Installed Rapport
    RP498: 10/03/2012 13:20:55 - Revo Uninstaller's restore point - Bing Bar
    RP499: 17/03/2012 17:01:00 - Scheduled Checkpoint
    RP500: 17/03/2012 18:56:35 - Revo Uninstaller's restore point - iMesh
    RP501: 18/03/2012 11:47:01 - HPSF Restore Point
    RP502: 23/03/2012 20:36:37 - Revo Uninstaller's restore point - World of Tanks
    RP503: 26/03/2012 20:53:40 - IObit Uninstaller restore point
    RP504: 26/03/2012 20:54:21 - IObit Uninstaller restore point
    RP505: 26/03/2012 20:55:09 - Configured Power2Go
    RP506: 29/03/2012 19:28:59 - Revo Uninstaller's restore point - eMule
    RP507: 01/04/2012 20:20:39 - Installed exPressit SE
    RP508: 02/04/2012 12:35:35 - avast! Free Antivirus Setup
    RP509: 02/04/2012 12:54:27 - IObit Uninstaller restore point
    RP510: 02/04/2012 12:55:40 - Removed AVG 2012
    RP511: 02/04/2012 12:57:42 - Removed AVG 2012
    RP513: 02/04/2012 13:12:13 - IObit Uninstaller restore point
    RP512: 02/04/2012 13:12:13 - Windows Update
    RP514: 02/04/2012 13:42:08 - IObit Uninstaller restore point
    RP515: 02/04/2012 13:58:05 - avast! Free Antivirus Setup
    RP516: 02/04/2012 14:25:02 - IObit Uninstaller restore point
    RP517: 02/04/2012 14:29:09 - IObit Uninstaller restore point
    RP518: 02/04/2012 14:57:52 - avast! Pro Antivirus Setup
    RP519: 02/04/2012 15:14:02 - IObit Uninstaller restore point
    RP520: 02/04/2012 15:14:56 - avast! Pro Antivirus Setup
    RP521: 02/04/2012 15:32:43 - Installed AVG 2012
    RP522: 02/04/2012 15:33:04 - Installed AVG 2012
    RP523: 03/04/2012 08:54:10 - IObit Uninstaller restore point
    RP524: 03/04/2012 09:18:13 - Restore Operation
    RP525: 03/04/2012 13:25:02 - Revo Uninstaller's restore point - WinMX
    RP526: 03/04/2012 13:29:05 - Revo Uninstaller's restore point - Yahoo! BrowserPlus 2.9.8
    RP527: 03/04/2012 13:32:56 - Revo Uninstaller's restore point - Yahoo! Software Update
    RP528: 03/04/2012 13:36:31 - Revo Uninstaller's restore point - Windows Live Essentials
    RP529: 03/04/2012 13:39:18 - Windows Live Essentials
    RP530: 03/04/2012 13:39:46 - WLSetup
    RP531: 03/04/2012 14:20:47 - Restore Operation
    RP532: 03/04/2012 17:17:25 - Revo Uninstaller's restore point - Burn4Free CD & DVD 5.1.0.0
    RP533: 03/04/2012 17:20:21 - Revo Uninstaller's restore point - exPressit S.E. 3.0
    RP534: 03/04/2012 17:25:41 - Revo Uninstaller's restore point - Yahoo! Search Protection
    RP535: 03/04/2012 17:57:49 - IObit Uninstaller restore point
    RP536: 03/04/2012 18:00:45 - IObit Uninstaller restore point
    RP537: 03/04/2012 18:20:26 - Windows Live Essentials
    RP538: 03/04/2012 18:21:24 - IObit Uninstaller restore point
    RP539: 03/04/2012 18:21:25 - Installed DirectX
    RP540: 03/04/2012 18:22:20 - Installed DirectX
    RP541: 03/04/2012 18:25:14 - WLSetup
    RP542: 03/04/2012 21:36:19 - IObit Uninstaller restore point
    RP543: 03/04/2012 21:42:19 - IObit Uninstaller restore point
    RP544: 04/04/2012 14:11:28 - Installed Dr.Web Security Space 7.0.
    RP545: 04/04/2012 15:29:38 - Windows Backup
    RP546: 04/04/2012 20:14:09 - Installed HiJackThis
    RP547: 05/04/2012 20:14:50 - Installed Dr.Web Security Space 7.0.
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    A.V.A
    ABBYY FineReader 6.0 Sprint
    Acrobat.com
    Adobe AIR
    Adobe Reader 9.5.0
    Alliance of Valiant Arms
    ALOT Appbar
    Amazon Kindle
    Anti-phishing Domain Advisor
    Apple Application Support
    Application Profiles
    ArmA 2 Uninstall
    Ask Toolbar
    AVG PC Tuneup
    AVS DVD Copy version 4.1.1
    AVS Image Converter 1.3.1.136
    AVS Update Manager 1.0
    AVS4YOU Software Navigator 1.4
    Battlefield 3™
    Battlefield Play4Free
    Battlefield: Bad Company™ 2
    Battlelog Web Plugins
    BearShare
    Bing Bar
    BitTornado 0.3.18
    Blekko search bar
    BT Broadband Desktop Help
    BTHomeHub
    Call of Duty(R) - World at War(TM)
    Call of Duty: Black Ops
    Call of Duty: Black Ops - Multiplayer
    Call of Duty: Modern Warfare 2
    Call of Duty: Modern Warfare 2 - Multiplayer
    Call of Duty: Modern Warfare 3
    Call of Duty: Modern Warfare 3 - Dedicated Server
    Call of Duty: Modern Warfare 3 - Multiplayer
    CameraHelperMsi
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Company of Heroes
    Company of Heroes - FAKEMSI
    Company of Heroes Retail Beta
    Compatibility Pack for the 2007 Office system
    Conduit Engine
    Cross Fire En
    Crysis® 2
    CyberLink DVD Suite Deluxe
    D3DX10
    Darkest Hour: Europe '44-'45
    DirectX for Managed Code Update (Summer 2004)
    Disketch CD Label Software
    Download Manager 2.3.10
    Download Updater (AOL LLC)
    Dr.Web Security Space 7.0
    DVD Menu Pack for HP MediaSmart Video
    Easy CD and DVD Cover Creator 4.13
    erLT
    ESN Sonar
    Express Burn Disc Burning Software
    exPressit SE
    F.E.A.R. 2: Project Origin
    Far Cry 2
    File Type Assistant
    Free Download Manager 3.0
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist Corporate
    Graboid Video 1.73
    Hardware Helper
    Hewlett-Packard ACLM.NET v1.1.1.0
    HiJackThis
    Homefront
    Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MAINSTREAM KEYBOARD
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP Odometer
    HP Photo Creations
    HP Photosmart Plus B210 series Help
    HP Product Detection
    HP Remote Solution
    HP Setup
    HP Support Assistant
    HP Support Information
    HP Update
    HPDiagnosticAlert
    HydraVision
    Intel(R) Rapid Storage Technology
    Internet TV for Windows Media Center
    IObit Malware Fighter
    Java Auto Updater
    Java(TM) 6 Update 26
    JoneSoft MD5Mate v1.1.0
    Junk Mail filter update
    LabelPrint
    LightScribe System Software
    LimeWire 5.5.10
    Logitech Vid HD
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Magic Desktop
    Malwarebytes' Anti-Malware
    Maps4PC
    Mare Nostrum
    MediaBar
    Men of War (Remove Only)
    Men of War: Assault Squad
    Men of War: Red Tide
    Mesh Runtime
    Messenger Companion
    Microsoft Chart Controls for Microsoft .NET Framework 3.5
    Microsoft Office 2000 Professional
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works
    Movie Theme Pack for HP MediaSmart Video
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MXpie Patch for WinMX Network/WPNP 3.6.3.6
    MyFreeCodec
    Nielsen
    NoteWorthy Composer 2 Viewer
    NVIDIA PhysX
    OF Dragon Rising
    OpenAL
    Origin
    PaltalkScene
    PC Cleaner v3.0
    PC Speed Maximizer v3.1
    PowerDirector
    PunkBuster Services
    QuickTime
    Radio Bar 1 Toolbar
    Rapport
    REACTOR
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Recovery Manager
    Red Orchestra 2: Heroes of Stalingrad
    Red Orchestra: Ostfront 41-45
    Revo Uninstaller 1.92
    Samsung Kies
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Silent Hunter 4 Wolves of the Pacific
    Silent Hunter III
    Skype Click to Call
    Skype™ 5.5
    SkyPlayer for Windows Media Center
    Smart Defrag 2
    Soldier Front
    Steam
    System Requirements Lab
    The Lord of the Rings FREE Trial
    Trojan Remover 6.8.3
    TVUPlayer 2.5.2.2
    Update 1.11.3.1 for "Men of War"
    Update 1.17.5.1 for "Men of War"
    Visual Studio 2008 x64 Redistributables
    VLC media player 1.0.1
    Vuze
    Vuze Remote Toolbar
    War Inc Battlezone version 0.9.1
    War Inc. Battlezone
    Wincore MediaBar
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Searchqu Toolbar
    WinRAR archiver
    Xvid 1.2.1 final uninstall
    Yahoo! Software Update
    .
    ==== Event Viewer Messages From Past Week ========
    .
    06/04/2012 09:10:38, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prodrv06 prohlp02 prosync1 sfhlp01
    06/04/2012 09:09:59, Error: Service Control Manager [7000] - The Bandoo Coordinator service failed to start due to the following error: The system cannot find the file specified.
    06/04/2012 09:04:15, Error: Application Popup [1060] - \SystemRoot\SysWow64\drivers\prodrv06.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    05/04/2012 20:15:42, Error: Service Control Manager [7030] - The Dr.Web Control Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    04/04/2012 21:55:07, Error: Application Popup [1060] - \??\C:\Users\tony\AppData\Local\Temp\trutil.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    04/04/2012 19:55:57, Error: bowser [8003] - The master browser has received a server announcement from the computer MAY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{14A415D3-A49B-4310-B7F9-59487581C101}. The master browser is stopping or an election is being forced.
    04/04/2012 14:10:13, Error: Service Control Manager [7034] - The AVG Firewall service terminated unexpectedly. It has done this 1 time(s).
    04/04/2012 14:09:28, Error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    04/04/2012 14:09:18, Error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    04/04/2012 10:25:34, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
    04/04/2012 10:25:34, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    03/04/2012 09:06:44, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
    02/04/2012 15:05:11, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the avast! Antivirus service to connect.
    02/04/2012 15:05:11, Error: Service Control Manager [7000] - The avast! Firewall service failed to start due to the following error: The system cannot find the file specified.
    02/04/2012 15:05:11, Error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    01/04/2012 21:40:10, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    01/04/2012 21:40:10, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.
    01/04/2012 21:40:10, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    .
    ==== End Of File ===========================

    I trust I have given you all the information? If there is anything further I am, of course, more than willing to attend.
    Kind Regards
    Tony Cahill
    obxtony.
     
  2. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    I have noticed since starting this thread that I can no longer make backups nor use system restore!
     
  3. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Hiya

    Sorry to hear of your loss :(

    I'll have a full look at all the logs today, but in the meantime can you do this for me:

    Clear Cache/Temp Files
    Download TFC by OldTimer to your desktop
    • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
    • It will close all programs when run, so make sure you have saved all your work before you begin.
    • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
    • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.



    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






    Download and scan with SUPERAntiSpyware Free Edition for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Home" button to leave the control center screen.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click Scan your computer.
    • On the left, select all fixed drives.
    • Click "Start Complete Scan" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "Continue".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "Remove Threats" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click View Scan Logs.
        • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
        • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
        • Please copy and paste the Scan Log results in your next reply.
      • Click Close to exit the program.


    Please include the MBAM log, the SUPERAntiSpyware Scan Log and a fresh HijackThis log in your next reply.

    eddie
     
  4. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Tony:

    You've unfortunately learned the hard way the dangers of allowing unrestricted access to your computer by others. :(

    As soon as Eddie is finished with you, I'll be happy to assist you with a few other things.

    That computer appears to be HP brand.
    Advise what model name and model number it is.
    Also advise what the product name (P/N) and/or model name (M/N) on the sticker is.

    -----------------------------------------------------------
     
  5. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Hiya

    Okay, gone thru the logs that you posted, and you have a lot of things in there that shouldn't be there, so we'll get them all removed. If at any point you need further explanation, please ask :)

    Now, I did post the above before going through it, but I see you already have the two programs installed:

    Malwarebytes' Anti-Malware
    SUPERAntiSpyware


    So, if you can start them by going to Start | Programs, and open them. Then, update them both as I mentioned above, and then run the scans, and post the logs :)

    Also, am I right in assuming that you don't play war games such as Call of Duty etc? I can never say no-one is too old for those, as we have someone (I play similar type of game) in our group that is in his 50's ;)

    If you don't, then we can also remove those games, but we can do that at the very end, once the malware has all been removed.

    Then, I'll let flavallee take over :)

    eddie
     
  6. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    I'll also be here most of the day, as I'm back at glorious work tomorrow :p
     
  7. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    :) Hello again!
    Firstly the 2 logs;
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org
    Database version: 912040306
    Windows 6.1.7600
    Internet Explorer 9.0.8112.16421
    09/04/2012 14:17:54
    mbam-log-2012-04-09 (14-17-54).txt
    Scan type: Full scan (C:\|)
    Objects scanned: 642164
    Time elapsed: 1 hour(s), 39 minute(s), 20 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    Generated 04/09/2012 at 04:35 PM
    Application Version : 5.0.1146
    Core Rules Database Version : 8424
    Trace Rules Database Version: 6236
    Scan type : Complete Scan
    Total Scan Time : 02:08:10
    Operating System Information
    Windows 7 Home Premium 64-bit (Build 6.01.7600)
    UAC Off - Administrator
    Memory items scanned : 797
    Memory threats detected : 0
    Registry items scanned : 67447
    Registry threats detected : 0
    File items scanned : 476424
    File threats detected : 81
    Adware.Tracking Cookie
    Adware.InstallCore
    C:\DOWNLOADS\DESKTOP\ADLSOFT_UNCOMPRESSOR_1.EXE
    I will delete the infections on Superanti now and enclose second log?? if necessary!
    I do actually play the games that are on my PC, have been an online gamer for MANY years but still not very good at it :)

    The pc is indeed an HP Model is P636 uk
    Serial Number is CZH00306VF
    Prod is WE170AA-ABU.

    I shall be more than happy to provide any other info (if I can find it !!)
     
  8. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    Oops, I am so sorry, I forgot to do another HijackThis log.
    Here it is!!
    23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bandoo Coordinator - Unknown owner - C:\PROGRA~2\Bandoo\Bandoo.exe (file missing)
    O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
    O23 - Service: McciCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    Please be aware I have deleted (after paying for it!!) the Dr (?) antivirus, it kept popping up even though I had stopped it.
    Regards and thanks again
    Tony Cahill
    --
    End of file - 21080 bytes
     
  9. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Tony:

    1.50.1.1100 is an old version of Malwarebytes Anti-Malware.

    The current version is 1.60.1.1000.

    You need to start it, then click "Update - Check For Updates" so it can update its definition files and update to the current version.

    I'll leave it to Eddie to decide if you need to run a new scan and submit a new log.

    --------------------------------------------------

    I'm not having any luck at the HP/Compaq support site with the model number and the product number that you submitted, so you probably submitted them here incorrectly.

    We really need to get that desktop correctly identified.

    --------------------------------------------------
     
  10. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    info from dx diag;
    ------------------
    System Information
    ------------------
    Time of this report: 4/9/2012, 19:13:29
    Machine name: TONY-PC
    Operating System: Windows 7 Home Premium 64-bit (6.1, Build 7600) (7600.win7_gdr.110408-1633)
    Language: English (Regional Setting: English)
    System Manufacturer: HP-Pavilion
    System Model: WE170AA-ABU p6360uk
    BIOS: 12/21/09 17:01:03 Ver: 5.07
    Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz (8 CPUs), ~2.8GHz
    Memory: 6144MB RAM
    Available OS Memory: 6104MB RAM
    Page File: 2945MB used, 9258MB available
    Windows Dir: C:\Windows
    DirectX Version: DirectX 11
    DX Setup Parameters: Not found
    User DPI Setting: 120 DPI (125 percent)
    System DPI Setting: 96 DPI (100 percent)
    DWM DPI Scaling: Disabled
    DxDiag Version: 6.01.7600.16385 32bit Unicode
    ------------
    I can find nothing else on the machine I'm afraid.
    oh btw after doing the TFC there are 13 greyed out icons on my desktop, all with old dates on them!!
     
  11. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Tony:

    Here is the support site for the HP Pavilion p6360uk desktop.

    You might want to add and save this site in your browser favorites/bookmarks list so you can readily refer to it whenever needed.

    Here is the section on how to do a system recovery, if it becomes necessary.

    It doesn't appear that a recovery disc kit for that desktop is available for purchase, so hopefully the built-in system recovery partition in yours is still intact.

    --------------------------------------------------------
     
  12. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    It won't allow me to make a backup nor will it allow me to restore to an earlier date!!
    REALLY up the creek
     
  13. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    added it!
     
  14. obxtony

    obxtony Thread Starter

    Joined:
    Aug 17, 2008
    Messages:
    117
    also running another MWB full scan
     
  15. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Hopefully once we get the malware gone, we'll get the restore points working again. Sometimes the malware will block access to Microsoft programs ;)

    If you update Malwarebytes Anti-Malware to the newer version as flavallee explained above and run a scan, that would be great. If anything is found, remove them, and post the log. If it still shows as nothing then you don't need to post it :)

    As for the games, that's okay, we'll leave those installed :)

    Let me know when you've run the scan, a Quick Scan should be okay. Then, we'll go to the next step :)

    eddie
     
Short URL to this thread: https://techguy.org/1048182