1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

PLEASE HELP DINPUT8.dll error and system slow

Discussion in 'Windows 7' started by Pleazin4u, Jul 20, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 2:23:59 PM, on 7/20/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16496)
    Boot mode: Normal

    Running processes:
    C:\Users\OUR\AppData\Roaming\SearchProtect\bin\cltmng.exe
    C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
    C:\Program Files\HotShot\otshot.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\OUR\Downloads\HijackThis (1).exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?

    publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-

    83ace18e07fe&searchtype=ds&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?

    publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-

    83ace18e07fe&searchtype=ds&q={searchTerms}
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?

    publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-

    83ace18e07fe&searchtype=ds&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?

    publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-

    83ace18e07fe&searchtype=ds&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: DivX Browser Bar Toolbar - {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files

    (x86)\DivX_Browser_Bar\prxtbDivX.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:

    \Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    O2 - BHO: BHO_PROJECT - {625F420E-A4A9-4B40-BC23-716C1C43893A} - (no file)
    O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh

    \escort.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: DivX Browser Bar - {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDivX.dll
    O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore

    \ScriptSn.20120823223625.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files

    \Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar

    \searchqudtx.dll (file missing)
    O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL (file

    missing)
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files

    (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar

    \GoogleToolbar_32.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Vgrabber - {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\Vgrabber\prxtbVgr1.dll
    O2 - BHO: FCTBPos00Pos - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll
    O2 - BHO: WhiteSmoke US - {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files (x86)\WhiteSmoke_US\prxtbWhit.dll
    O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox.dll (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin

    \jp2ssv.dll
    O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar

    \searchqudtx.dll (file missing)
    O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll

    (file missing)
    O3 - Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
    O3 - Toolbar: (no name) - !{b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - (no file)
    O3 - Toolbar: (no name) - !{C80BDEB2-8735-44C6-BD55-A1CCD555667A} - (no file)
    O3 - Toolbar: (no name) - !{cce665dd-f6dd-4808-968e-eaec971f70ef} - (no file)
    O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee

    \SITEAD~1\mcieplg.dll
    O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
    O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar

    \GoogleToolbar_32.dll
    O3 - Toolbar: DivX Browser Bar Toolbar - {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar

    \prxtbDivX.dll
    O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [HotShot] c:\program files\HotShot\otshot.exe -minimize
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SMessaging] C:\Users\OUR\AppData\Local\Strongvault Online Backup\SMessaging.exe
    O4 - HKLM\..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKCU\..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Users\OUR\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
    O4 - HKCU\..\Run: [SearchProtect] C:\Users\OUR\AppData\Roaming\SearchProtect\bin\cltmng.exe
    O4 - Startup: GameStop Now.lnk = C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-

    243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-

    D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-

    491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivX Plus Web Player Object) -

    http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll (file missing)
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery

    \AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service

    \Bin\ACService.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common

    Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows

    \SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater

    \GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver

    \1050\Intel 32\IDriverT.exe
    O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin

    \Verizon_IHAMessageCenter.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
    O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost

    \McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost

    \McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost

    \McSvHost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file

    missing)
    O23 - Service: OtShotUpdateService - Unknown owner - C:\Program Files (x86)\OtShot\OtshotUpdateServiceEx.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file

    missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file

    missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Sendoriv1 - Sendori, Inc. - C:\Program Files (x86)\Sendori\SendoriSvc.exe
    O23 - Service: ServicepointService - Radialpoint Inc. - C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file

    missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SupportSoft Sprocket Service (verizondm) (sprtsvc_verizondm) - SupportSoft, Inc. - C:\Program Files (x86)\VERIZONDM

    \bin\sprtsvc.exe
    O23 - Service: SupportSoft Repair Service (verizondm) (tgsrvc_verizondm) - SupportSoft, Inc. - C:\Program Files (x86)\VERIZONDM\bin

    \tgsrvc.exe
    O23 - Service: Trusted Installer - Unknown owner - C:\Windows\SysWOW64\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file

    missing)
    O23 - Service: WhiteSmoke Updater Service (UpdaterService) - Unknown owner - C:\ProgramData\UpdaterService\wsupdsvc.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat

    \WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file

    missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem

    \WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program

    Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    *********************************************************************************************************************************
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16496 BrowserJavaVersion: 10.21.2
    Run by OUR at 14:25:25 on 2013-07-20
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3895.2521 [GMT -4:00]
    .
    AV: Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    SP: Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    C:\Windows\system32\taskhost.exe
    c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
    C:\Program Files (x86)\OtShot\OtshotUpdateServiceEx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe
    C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
    C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
    C:\Users\OUR\AppData\Roaming\SearchProtect\bin\cltmng.exe
    C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\HotShot\otshot.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\ProgramData\UpdaterService\wsupdsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\ProgramData\UpdaterService\wsupdsvc.exe
    C:\Program Files (x86)\Sendori\SendoriSvc.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\SysWOW64\schtasks.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\SysWOW64\TrustedInstaller.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\svchost.exe -k defragsvc
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Users\OUR\Downloads\HijackThis (1).exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\sysWOW64\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms}
    uSearch Page = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms}
    uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms}
    uURLSearchHooks: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDivX.dll
    mURLSearchHooks: Vgrabber Toolbar: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\vGrabber\prxtbVgr1.dll
    mURLSearchHooks: WhiteSmoke US Toolbar: {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files (x86)\WhiteSmoke_US\prxtbWhit.dll
    mURLSearchHooks: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDivX.dll
    mWinlogon: Userinit = userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: {625F420E-A4A9-4B40-BC23-716C1C43893A} - <orphaned>
    BHO: Funmoods Helper Object: {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDivX.dll
    BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120823223625.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
    BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} -
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    BHO: Vgrabber Toolbar: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - C:\Program Files (x86)\vGrabber\prxtbVgr1.dll
    BHO: Dogpile Bundle Toolbar BHO: {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll
    BHO: WhiteSmoke US Toolbar: {cce665dd-f6dd-4808-968e-eaec971f70ef} - C:\Program Files (x86)\WhiteSmoke_US\prxtbWhit.dll
    BHO: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Vgrabber Toolbar: {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - C:\Program Files (x86)\vGrabber\prxtbVgr1.dll
    TB: WhiteSmoke US Toolbar: {CCE665DD-F6DD-4808-968E-EAEC971F70EF} - C:\Program Files (x86)\WhiteSmoke_US\prxtbWhit.dll
    TB: Dogpile Bundle Toolbar: {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files (x86)\Dogpile Bundle Toolbar\Toolbar.dll
    TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
    TB: Funmoods Toolbar: {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
    TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDivX.dll
    uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Google Update] "C:\Users\OUR\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
    uRun: [SearchProtect] C:\Users\OUR\AppData\Roaming\SearchProtect\bin\cltmng.exe
    mRun: [VerizonServicepoint.exe] "C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [HotShot] c:\program files\HotShot\otshot.exe -minimize
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SMessaging] C:\Users\OUR\AppData\Local\Strongvault Online Backup\SMessaging.exe
    mRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    StartupFolder: C:\Users\OUR\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{D5C959FC-6D08-46B1-BD37-E39F19F2F3FB} : DHCPNameServer = 192.168.1.1
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120823223625.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} -
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe /silent
    x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
    x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>
    x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-8-23 771536]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-8-23 340216]
    R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-5-8 97056]
    R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 352248]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-2-13 103472]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-26 201304]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-26 201304]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-26 201304]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-8-23 241456]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-8-23 218760]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-8-23 182752]
    R2 OtShotUpdateService;OtShotUpdateService;C:\Program Files (x86)\OtShot\OtshotUpdateServiceEx.exe [2012-12-19 282624]
    R2 Sendoriv1;Sendoriv1;C:\Program Files (x86)\Sendori\SendoriSvc.exe [2012-12-10 118632]
    R2 ServicepointService;ServicepointService;C:\Program Files (x86)\Verizon\VSP\ServicepointService.exe [2012-8-22 689464]
    R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2011-12-1 206120]
    R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2011-12-1 185640]
    R2 Trusted Installer;Trusted Installer;C:\Windows\SysWOW64\TrustedInstaller.exe [2013-7-5 402944]
    R2 UpdaterService;WhiteSmoke Updater Service;C:\ProgramData\UpdaterService\wsupdsvc.exe [2012-5-6 549744]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-8-23 70112]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-8-23 309840]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-8-23 515968]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-11-18 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-26 196440]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-8-23 225216]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-8-23 106552]
    S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2012-5-9 15672]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-10-3 59392]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-2 1255736]
    S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-26 201304]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-07-20 18:02:28 -------- d-----w- C:\Program Files (x86)\DivX_Browser_Bar
    2013-07-20 18:01:52 -------- d-----w- C:\Program Files (x86)\SearchProtect
    2013-07-20 18:01:49 -------- d-----w- C:\Users\OUR\AppData\Roaming\SearchProtect
    2013-07-20 18:01:40 81768 ----a-w- C:\ministub.exe
    2013-07-20 18:01:39 -------- d-----w- C:\ProgramData\Conduit
    2013-07-20 17:15:22 -------- d-----w- C:\Program Files (x86)\Cheat Engine 6.2
    2013-07-19 13:57:31 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C21C09B1-1872-4B43-BB9B-22AEF6532AB4}\mpengine.dll
    2013-07-09 22:31:42 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
    2013-07-06 00:59:14 402944 ----a-w- C:\Windows\SysWow64\uti.exe
    2013-07-06 00:59:12 402944 ----a-w- C:\Windows\SysWow64\TrustedInstaller.exe
    2013-06-26 18:25:17 -------- d-----w- C:\Windows\SysWow64\config
    2013-06-25 17:07:54 -------- d-----w- C:\Users\OUR\AppData\Local\{2621EEC9-083D-49A1-AD86-201FC70FEA93}
    2013-06-23 22:11:45 -------- d-----w- C:\Users\OUR\AppData\Local\{5A49D15E-39DE-4A26-8D4E-B3778414DFD1}
    2013-06-21 16:09:20 -------- d-----w- C:\Users\OUR\AppData\Local\{DFAF9E06-FE5E-4E28-A6AF-A922CADA3A63}
    .
    ==================== Find3M ====================
    .
    2013-07-20 18:07:24 15672 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
    2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
    2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2013-05-29 05:43:16 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-05-29 05:35:44 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-05-29 05:34:14 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-05-29 05:29:56 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-05-29 05:29:02 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-05-29 05:25:09 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-05-29 01:50:14 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-05-29 01:41:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-05-29 01:41:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-05-29 01:37:15 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-05-29 01:36:09 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-05-29 01:33:22 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
    2013-05-13 04:45:55 1160192 ------w- C:\Windows\SysWow64\crypt32.dll
    2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
    2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
    2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-05-08 06:10:12 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll
    2013-05-08 06:10:12 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
    2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2010-01-26 15:11:08 444283 ----a-w- C:\Program Files\Common Files\WinPcapNmap.exe
    *******************************************************************************************************************************
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 10/2/2011 6:06:25 PM
    System Uptime: 7/20/2013 2:05:54 PM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0WXY9J
    Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz | CPU 1 | 2527/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 581 GiB total, 502.028 GiB free.
    D: is FIXED (NTFS) - 15 GiB total, 2.364 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP281: 6/28/2013 1:07:15 AM - Windows Modules Installer
    RP282: 6/28/2013 3:01:18 PM - Windows Update
    RP283: 6/28/2013 8:25:23 PM - Windows Update
    RP284: 7/2/2013 9:43:34 AM - Windows Update
    RP285: 7/9/2013 5:14:18 PM - Scheduled Checkpoint
    RP286: 7/9/2013 6:26:43 PM - Windows Update
    RP287: 7/9/2013 9:31:28 PM - Windows Update
    RP288: 7/16/2013 7:47:20 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader XI (11.0.03)
    ArcSoft ShowBiz
    Audacity 2.0
    blinkx beat
    Cheat Engine 6.2
    D3DX10
    DivX Browser Bar Toolbar
    DivX Setup
    Dogpile Bundle Toolbar
    DriverUpdate
    Ezvid
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    IGG Web3D Player version 1.0.0.38
    IHA_MessageCenter
    iLivid
    Java 7 Update 21
    Java Auto Updater
    JavaFX 2.1.1
    Junk Mail filter update
    McAfee Virtual Technician
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Error Reporting
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    MplayerforWindows v2011-03-27
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB2758694)
    Redist
    ROBLOX Player for OUR
    Search Protect by conduit
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
    Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
    Shared C Run-time for x64
    Skype¬ô 5.10
    Star Trek Online
    Star Wars: The Old Republic
    Strongvault Online Backup
    swMSM
    TeamSpeak 3 Client
    The War Z - Survivor Edition
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2836939)
    USB Video/Audio Device Driver
    VC80CRTRedist - 8.0.50727.6195
    VDownloader 3.9.1280
    Verizon Download Manager
    Verizon Internet Security Suite
    Verizon Media Manager
    Verizon Servicepoint 3.7.44
    vGrabber
    Vgrabber Toolbar
    Video Player
    Vz In Home Agent
    WhiteSmoke Updater Service
    WhiteSmoke US Toolbar
    WhiteSmokeTranslator
    Windows iLivid Toolbar
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/20/2013 2:07:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Trusted Installer service to connect.
    7/20/2013 2:07:22 PM, Error: Service Control Manager [7000] - The Trusted Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    7/17/2013 11:20:15 PM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/17/2013 11:20:15 PM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/17/2013 11:20:15 PM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/17/2013 11:20:15 PM, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/17/2013 11:20:15 PM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    7/17/2013 11:20:15 PM, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    *********************************************************************************************************************************
    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-07-20 14:39:20
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM641JI rev.2AJ10003 596.17GB
    Running: hogqrg9o.exe; Driver: C:\Users\OUR\AppData\Local\Temp\pwldapow.sys


    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff80003205000 13 bytes [D2, 48, 8B, CB, E8, DF, C2, ...]
    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 574 fffff8000320500e 3 bytes [00, 00, 00]

    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000756c1401 2 bytes JMP 76fab223 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000756c1419 2 bytes JMP 76fab34e C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000756c1431 2 bytes JMP 77028979 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000756c144a 2 bytes CALL 76f848cd C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000756c14dd 2 bytes JMP 77028272 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000756c14f5 2 bytes JMP 77028448 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000756c150d 2 bytes JMP 77028168 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000756c1525 2 bytes JMP 77028532 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000756c153d 2 bytes JMP 76f9fcc0 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000756c1555 2 bytes JMP 76fa6907 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000756c156d 2 bytes JMP 77028a31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000756c1585 2 bytes JMP 77028592 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000756c159d 2 bytes JMP 7702812c C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000756c15b5 2 bytes JMP 76f9fd59 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000756c15cd 2 bytes JMP 76fab2e4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000756c16b2 2 bytes JMP 770288f4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Sendori\SendoriSvc.exe[3168] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000756c16bd 2 bytes JMP 770280c1 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000756c1401 2 bytes JMP 76fab223 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000756c1419 2 bytes JMP 76fab34e C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000756c1431 2 bytes JMP 77028979 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000756c144a 2 bytes CALL 76f848cd C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000756c14dd 2 bytes JMP 77028272 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000756c14f5 2 bytes JMP 77028448 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000756c150d 2 bytes JMP 77028168 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000756c1525 2 bytes JMP 77028532 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000756c153d 2 bytes JMP 76f9fcc0 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000756c1555 2 bytes JMP 76fa6907 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000756c156d 2 bytes JMP 77028a31 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000756c1585 2 bytes JMP 77028592 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000756c159d 2 bytes JMP 7702812c C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000756c15b5 2 bytes JMP 76f9fd59 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000756c15cd 2 bytes JMP 76fab2e4 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000756c16b2 2 bytes JMP 770288f4 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\OUR\Downloads\HijackThis (1).exe[1272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000756c16bd 2 bytes JMP 770280c1 C:\Windows\syswow64\kernel32.dll

    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\SysWOW64\TrustedInstaller.exe [4276:4672] 0000000000f11340

    ---- EOF - GMER 2.1 ----
     
  2. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    Please help!
     
  3. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    HiJackThis 2.0.4 hasn't been updated in years, so it doesn't display properly or accurately with Windows 7 64-bit.

    However, it and the other logs do show enough to confirm that your computer is infested with threats.

    Do the following in the order listed.

    --------------------------------------------------------

    Go here, then click the large blue "Download Now @ Bleeping Computer" link to download and save AdwCleaner.exe to your desktop.

    Close all open windows first, then double-click AdwCleaner.exe to load its main window.

    Click the "Delete" button, then allow the deletion process to finish.

    Click "OK" 3 times.

    The computer will restart.

    When the log file appears, save it.

    Return here, then copy-and-paste the ENTIRE log here.

    --------------------------------------------------------

    Download and save and then install the free version of

    Malwarebytes Anti-Malware 1.75.0.1300

    SUPERAntiSpyware 5.6.0.1020

    Make sure to update their definition files during the install process.

    Make sure to uncheck and decline to install any extras, such as toolbars and homepages, they may offer.

    Make sure to uncheck and decline to use the "Pro" or "Trial" version, if it's offered.

    After they're installed and updated, restart the computer.

    DON'T do anything with them yet.

    --------------------------------------------------------
     
  4. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    You appear to have a Dell Inspiron N5010 laptop.

    What's the 7-character "service tag" number on it?

    ------------------------------------------------------------
     
  5. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    # AdwCleaner v2.306 - Logfile created 07/28/2013 at 21:19:35
    # Updated 19/07/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : OUR - OUR-PC
    # Boot Mode : Normal
    # Running from : C:\Users\OUR\Downloads\AdwCleaner.exe
    # Option [Delete]


    ***** [Services] *****

    Stopped & Deleted : CltMngSvc

    ***** [Files / Folders] *****

    Deleted on reboot : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
    Deleted on reboot : C:\Users\OUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
    File Deleted : C:\END
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\ask.xml
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
    File Deleted : C:\user.js
    File Deleted : C:\Users\OUR\AppData\Local\funmoods.crx
    File Deleted : C:\Users\OUR\AppData\Local\funmoods-speeddial.crx
    File Deleted : C:\Users\OUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
    File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
    Folder Deleted : C:\Program Files (x86)\Ask.com
    Folder Deleted : C:\Program Files (x86)\BasicScan
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\DivX_Browser_Bar
    Folder Deleted : C:\Program Files (x86)\Dogpile Bundle Toolbar
    Folder Deleted : C:\Program Files (x86)\Free Ride Games
    Folder Deleted : C:\Program Files (x86)\InfoAtoms
    Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
    Folder Deleted : C:\Program Files (x86)\OApps
    Folder Deleted : C:\Program Files (x86)\SearchProtect
    Folder Deleted : C:\Program Files (x86)\vGrabber
    Folder Deleted : C:\Program Files (x86)\WhiteSmoke_US
    Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
    Folder Deleted : C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
    Folder Deleted : C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
    Folder Deleted : C:\ProgramData\APN
    Folder Deleted : C:\ProgramData\Ask
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\ProgramData\IBUpdaterService
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\WeCareReminder
    Folder Deleted : C:\Users\OUR\AppData\Local\APN
    Folder Deleted : C:\Users\OUR\AppData\Local\Conduit
    Folder Deleted : C:\Users\OUR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
    Folder Deleted : C:\Users\OUR\AppData\Local\Ilivid
    Folder Deleted : C:\Users\OUR\AppData\Local\Ilivid Player
    Folder Deleted : C:\Users\OUR\AppData\Local\OpenCandy
    Folder Deleted : C:\Users\OUR\AppData\Local\PackageAware
    Folder Deleted : C:\Users\OUR\AppData\Local\Wajam
    Folder Deleted : C:\Users\OUR\AppData\Local\Zoom_Downloader
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\AskToolbar
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\BabylonToolbar
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\boost_interprocess
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\Claro LTD
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\delta
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\DivX_Browser_Bar
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\Funmoods
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\searchquband
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\Searchqutoolbar
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\searchresultstb
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\vGrabber
    Folder Deleted : C:\Users\OUR\AppData\LocalLow\WhiteSmoke_US
    Folder Deleted : C:\Users\OUR\AppData\Roaming\Babylon
    Folder Deleted : C:\Users\OUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dogpile Bundle Toolbar
    Folder Deleted : C:\Users\OUR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber
    Folder Deleted : C:\Users\OUR\AppData\Roaming\OpenCandy
    Folder Deleted : C:\Users\OUR\AppData\Roaming\PerformerSoft
    Folder Deleted : C:\Users\OUR\AppData\Roaming\SearchProtect
    Folder Deleted : C:\Users\OUR\Documents\ShopToWin
    Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    ***** [Registry] *****

    Key Deleted : HKCU\Software\Alexa Internet
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
    Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKCU\Software\AppDataLow\Software\Vgrabber
    Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_US
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\BabylonToolbar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Cr_Installer
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\DataMngr_Toolbar
    Key Deleted : HKCU\Software\Default Tab
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
    Key Deleted : HKCU\Software\IGearSettings
    Key Deleted : HKCU\Software\ilivid
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{625F420E-A4A9-4B40-BC23-716C1C43893A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77E8143B-6759-416E-B521-82CFED75150B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B278D9F8-0FA9-465E-9938-0C392605D8E3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCE665DD-F6DD-4808-968E-EAEC971F70EF}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77E8143B-6759-416E-B521-82CFED75150B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCE665DD-F6DD-4808-968E-EAEC971F70EF}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3CB8E43-F1A0-472F-9663-7D280B3219B2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBAD2F6E-E013-4789-A7E4-9D24DB6701C8}
    Key Deleted : HKCU\Software\SearchProtect
    Key Deleted : HKCU\Software\SmartBar
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKCU\Software\Zugo
    Key Deleted : HKCU\Software\5257dfdee56ebf14
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
    Key Deleted : HKLM\Software\Babylon
    Key Deleted : HKLM\Software\BrowserMngr
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
    Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\f
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.FCTB000060231Pos
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.FCTB000060231Pos.1
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.JSOptionsImpl
    Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.JSOptionsImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
    Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
    Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
    Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\Inbox.AppServer
    Key Deleted : HKLM\SOFTWARE\Classes\Inbox.IBX404
    Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
    Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
    Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
    Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
    Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3059010
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3198785
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3285873
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\DataMngr
    Key Deleted : HKLM\Software\Default Tab
    Key Deleted : HKLM\Software\DivX_Browser_Bar
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\iLividSRTB
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension-InternalInstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Giant Savings Extension-InternalInstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SavingsApp_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SavingsApp_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{625F420E-A4A9-4B40-BC23-716C1C43893A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\Software\Vgrabber
    Key Deleted : HKLM\Software\WhiteSmoke_US
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\5257dfdee56ebf14
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{77E8143B-6759-416E-B521-82CFED75150B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CCE665DD-F6DD-4808-968E-EAEC971F70EF}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F78BF7A8-CF12-4DE7-A6DA-C463D1B539A7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\FCTB000060231
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{014A8002-C1D7-4CD9-AE50-56955B12D19B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0921E168-475C-425A-A4AF-98F80CB0218E}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57F5001D-1C63-468A-9AF6-D4A1F575901B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{625F420E-A4A9-4B40-BC23-716C1C43893A}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9640F148-ED1D-406B-9184-E3B06EAD9D8E}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF8DACD-773E-4FDA-B76B-C30BBEEA48B6}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB977155-E45E-4DC6-8DD2-CCEA2BD2B542}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{625F420E-A4A9-4B40-BC23-716C1C43893A}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77E8143B-6759-416E-B521-82CFED75150B}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCE665DD-F6DD-4808-968E-EAEC971F70EF}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DivX_Browser_Bar Toolbar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vgrabber
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vgrabber Toolbar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US Toolbar
    Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
    Key Deleted : HKLM\SOFTWARE\DataMngr
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
    Key Deleted : HKLM\SOFTWARE\Tarma Installer
    Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C80BDEB2-8735-44C6-BD55-A1CCD555667A}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCE665DD-F6DD-4808-968E-EAEC971F70EF}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CCE665DD-F6DD-4808-968E-EAEC971F70EF}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
    Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16635

    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=ba1d9ed1-5467-47dc-b0b8-83ace18e07fe&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

    -\\ Google Chrome v28.0.1500.72

    File : C:\Users\OUR\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted [l.56] : icon_url = "hxxp://www.ask.com/favicon.ico",
    Deleted [l.59] : keyword = "ask.com",
    Deleted [l.63] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=63[...]
    Deleted [l.64] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

    *************************

    AdwCleaner[S1].txt - [35409 octets] - [28/07/2013 21:19:35]

    ########## EOF - C:\AdwCleaner[S1].txt - [35470 octets] ##########


    I saw there was a question about a 7 digit number .. where would I find this information?
    I'm now going forward with the rest of your instruction ..
     
  6. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    I have finished installing both programs and rebooted. Awaiting further instruction before running any scans
     
  7. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    A lot of threats were found and deleted.

    Run another deletion scan with AdwCleaner, then restart the computer, then save the new log that appears, then submit it here.

    We need to confirm that everything was found and deleted during the first scan.

    Sometimes, a second scan is needed.

    -------------------------------------------------------

    There should be a "service tag" sticker on the computer.

    That 7-character number is what I want.

    -------------------------------------------------------
     
  8. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    After you complete the first part of post #7, do the following in the order listed.

    ---------------------------------------------------------

    Start Malwarebytes Anti-Malware.

    Click "Scanner(tab) - Perform quick scan - Scan".

    If infections or problems are found during the scan, the number of them will be highlighted in red.

    When the scan is finished, click "Show Results".

    Make sure that EVERYTHING is selected, then click "Remove Selected".

    If you're prompted to restart to finish the removal process, click "Yes".

    Start Malwarebytes Anti-Malware again.

    Click "Logs"(tab).

    Highlight the scan log entry, then click "Open".

    When the scan log appears in Notepad, copy-and-paste it here.

    ---------------------------------------------------------

    Start SUPERAntiSpyware.

    Select the "Quick Scan" option, then click "Scan your Computer".

    If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

    When the scan is finished and the scan summary window appears, click "Continue".

    Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

    Click "OK - Finish".

    If you're prompted to restart to finish the removal process, do so.

    Start SUPERAntiSpyware again.

    Click "View Scan Logs".

    Highlight the scan log entry, then click "View Selected Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    ---------------------------------------------------------
     
  9. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    # AdwCleaner v2.306 - Logfile created 07/29/2013 at 23:45:56
    # Updated 19/07/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : OUR - OUR-PC
    # Boot Mode : Normal
    # Running from : C:\Users\OUR\Downloads\AdwCleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
    Deleted on reboot : C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16635

    [OK] Registry is clean.

    -\\ Google Chrome v28.0.1500.72

    File : C:\Users\OUR\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [349 octets] - [29/07/2013 23:26:52]
    AdwCleaner[R2].txt - [349 octets] - [29/07/2013 23:28:38]
    AdwCleaner[R3].txt - [349 octets] - [29/07/2013 23:43:12]
    AdwCleaner[R4].txt - [1192 octets] - [29/07/2013 23:45:24]
    AdwCleaner[S1].txt - [5039 octets] - [29/07/2013 23:32:36]
    AdwCleaner[S2].txt - [1133 octets] - [29/07/2013 23:45:56]


    When I try to run The SuperMalware I get an error message
    Run-time error '53': File not found: advpack
     
  10. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    The sticker is HCHNPP1
     
  11. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    Are you having trouble running a quick scan with Malwarebytes Anti-Malware OR with SUPERAntiSpyware?

    ----------------------------------------------------------------

    According to service tag number HCHNPP1, you have a Dell Inspiron 15 (N5010) laptop.

    Here is the support and downloads site that's specific only to your laptop.

    You should add and save this site in your browsers' favorites/bookmarks list so you can quickly refer to it when needed.

    ----------------------------------------------------------------
     
  12. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    When running Malwarebytes Anti-Malware. Thank you I book marked
     
  13. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    Have you run SUPERAntiSpyware per my instructions in the last part of post #8?

    If you have, please submit the log.

    ---------------------------------------------------------
     
  14. Pleazin4u

    Pleazin4u Thread Starter

    Joined:
    Oct 19, 2003
    Messages:
    224
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/31/2013 at 11:31 PM

    Application Version : 5.6.1020

    Core Rules Database Version : 10655
    Trace Rules Database Version: 8467

    Scan type : Quick Scan
    Total Scan Time : 00:07:18

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 636
    Memory threats detected : 0
     
  15. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,665
    All you submitted was the top portion of the log.

    The ENTIRE log is needed.

    ----------------------------------------------------------
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1104159