Having a lot of malware popups. Also a tech person who was looking at my laptop said i have a lot of viruses. Having trouble switching users on machine.Will post content of ark.txt in second post as i have over 100k characters with ark.txt.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:59:44 PM, on 11/28/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\stan\AppData\Local\NativeMessaging\CT3289663\1_0_0_4\TBMessagingHo st.exe
C:\Users\stan\AppData\Local\NativeMessaging\CT3310511\1_0_0_4\TBMessagingHo st.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\ytbb.exe
C:\Users\stan\Desktop\HijackThis.exe
C:\Program Files (x86)\Mobogenie\mgusb.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...AF645951&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BrowserPlus2 Toolbar - {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: KeyBar 1.12 Toolbar - {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
R3 - URLSearchHook: SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
R3 - URLSearchHook: InternetHelper3.1 Toolbar - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: KeyBar 1.12 - {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: InternetHelper3.1 - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
O2 - BHO: LessTabs - {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll
O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: ShoppingChip - {645E0B6C-6A15-B64C-6B2A-163A7C2C6646} - C:\ProgramData\ShoppingChip\HhS.dll
O2 - BHO: BrowserPlus2 - {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
O2 - BHO: TidyNetwork.com - {7736C7FA-512D-11E2-B871-DEC36088709B} - C:\Users\stan\AppData\Local\TidyNetwork.com\tidy2ie.dll
O2 - BHO: SweetPacks - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: ALOT Appbar Helper - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
O2 - BHO: GetSavin 5.0 - {8C049331-873E-4C5B-B2C0-3A0018339D75} - C:\Users\stan\AppData\Local\getsavin\ie\getsavin_1376475606.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\stan\AppData\Local\DefineExt\temp.dat
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll
O2 - BHO: LyricsSing - {f05ad658-0f9f-4bca-9c4a-cfd43ff53d77} - C:\Program Files (x86)\LyricSing\126.dll
O3 - Toolbar: ALOT Appbar - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
O3 - Toolbar: BrowserPlus2 Toolbar - {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll
O3 - Toolbar: KeyBar 1.12 Toolbar - {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
O3 - Toolbar: SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: InternetHelper3.1 Toolbar - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NTRedirect] C:\windows\SysWOW64\rundll32.exe "C:\Users\stan\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run
O4 - HKCU\..\Run: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\Conduit\BackgroundContainer\BackgroundContaine r.dll",DllRun
O4 - HKCU\..\Run: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostS upportPlugin
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe startup
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [NTRedirect] C:\windows\SysWOW64\rundll32.exe "C:\Users\stan\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\Conduit\BackgroundContainer\BackgroundContaine r.dll",DllRun (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostS upportPlugin (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [Browser Infrastructure Helper] C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe startup (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe (User '?')
O4 - S-1-5-21-2695459146-3165330249-290253915-1000 Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User '?')
O4 - S-1-5-21-2695459146-3165330249-290253915-1000 Startup: Severe Weather Alerts App.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe (User '?')
O4 - S-1-5-21-2695459146-3165330249-290253915-1000 Startup: Severe Weather Alerts.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (User '?')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Severe Weather Alerts App.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
O4 - Startup: Severe Weather Alerts.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: ALOT Update Service (AlotService) - Vertro Inc. - C:\Users\stan\AppData\LocalLow\alotservice\alotservice.exe
O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: DealPly Live Service (dealplylive) (dealplylive) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: DealPly Live Service (dealplylivem) (dealplylivem) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\windows\system32\dmwu.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\PC Speed Up\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (verizondm) (sprtsvc_verizondm) - SupportSoft, Inc. - C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
O23 - Service: SupportSoft Repair Service (verizondm) (tgsrvc_verizondm) - SupportSoft, Inc. - C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: webmakerplus - webmakerplus LTD - C:\Program Files (x86)\webmakerplus\webmakerplus.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 19589 bytes
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720
Run by stan at 15:01:30 on 2013-11-28
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN96551628226875202&UM=2&ctid=CT3310 511&UP=SP72C29AAE-3F63-4B02-BB39-954FAF645951&SSPV=
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uURLSearchHooks: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
uURLSearchHooks: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
uURLSearchHooks: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
uURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
mURLSearchHooks: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
mURLSearchHooks: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
mURLSearchHooks: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
mURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
mWinlogon: Userinit = userinit.exe
BHO: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
BHO: LessTabs: {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: ShoppingChip: {645E0B6C-6A15-B64C-6B2A-163A7C2C6646} - C:\ProgramData\ShoppingChip\HhS.dll
BHO: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
BHO: TidyNetwork.com: {7736C7FA-512D-11E2-B871-DEC36088709B} - C:\Users\stan\AppData\Local\TidyNetwork.com\tidy2ie.dll
BHO: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
BHO: ALOT Appbar Helper: {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
BHO: GetSavin 5.0: {8C049331-873E-4C5B-B2C0-3A0018339D75} - C:\Users\stan\AppData\Local\getsavin\ie\getsavin_1376475606.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: DealPly Shopping: {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\stan\AppData\Local\DefineExt\temp.dat
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll
BHO: LyricsSing: {f05ad658-0f9f-4bca-9c4a-cfd43ff53d77} - C:\Program Files (x86)\LyricSing\126.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: BrowserPlus2 Toolbar: {650598E1-B35A-45D3-B607-896D7ACB64C3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
TB: KeyBar 1.12 Toolbar: {0134AF61-7A0C-4649-AECA-90D776060CB3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
TB: SweetPacks Toolbar: {7E8A1050-CF67-4575-92DF-DCC60E7D952D} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
TB: InternetHelper3.1 Toolbar: {07CBF788-1359-421B-A4E3-5A8D041B90A3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
TB: ALOT Appbar: {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
TB: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll
TB: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
TB: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [NTRedirect] C:\windows\SysWOW64\rundll32.exe "C:\Users\stan\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run
uRun: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\Conduit\BackgroundContainer\BackgroundContaine r.dll",DllRun
uRun: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostS upportPlugin
uRun: [Browser Infrastructure Helper] C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe startup
uRun: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
StartupFolder: C:\Users\stan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OP ENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\stan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SE VERE~2.LNK - C:\Users\stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
StartupFolder: C:\Users\stan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SE VERE~1.LNK - C:\Users\stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\windows\System32\webmakerplus.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{A6E8A35B-4031-4A3A-BEBE-3B66BC4861A6} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\1484147457563747 : DHCPNameServer = 151.164.1.8 151.164.85.201
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\33E41595E4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\373686562723 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\4556464697 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\93341543A4 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-11-25 20:43:26 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C45E3207-9F4B-439A-B742-93B36C0C12D2}\offreg.dll
2013-11-21 13:51:32 -------- d-----w- C:\Users\stan\.android
2013-11-21 13:04:57 -------- d-----w- C:\Users\stan\AppData\Local\DealPlyLive
2013-11-21 13:04:57 -------- d-----w- C:\ProgramData\DealPlyLive
2013-11-21 13:04:57 -------- d-----w- C:\Program Files (x86)\DealPlyLive
2013-11-21 13:04:56 -------- d-----w- C:\Users\stan\AppData\Roaming\Dealply
2013-11-21 13:04:45 -------- d-----w- C:\Program Files (x86)\DealPly
2013-11-21 13:01:04 -------- d-----w- C:\Users\stan\AppData\Local\Mobogenie
2013-11-21 13:01:04 -------- d-----w- C:\Users\stan\AppData\Local\cache
2013-11-21 13:00:38 -------- d-----w- C:\Program Files (x86)\Mobogenie
2013-11-21 12:59:49 -------- d-----w- C:\Program Files (x86)\PC Speed Up
2013-11-21 12:59:16 -------- d-----w- C:\Users\stan\AppData\Local\Smartbar
2013-11-21 12:58:33 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-11-21 12:58:16 -------- d-----w- C:\Users\stan\AppData\Local\SearchProtect
2013-11-19 15:54:01 -------- d-----w- C:\Users\stan\AppData\Local\WhiteListing
2013-11-10 23:35:52 0 ----a-w- C:\windows\SysWow64\upd44AD.tmp
2013-11-10 10:06:29 0 ----a-w- C:\windows\SysWow64\updBC1D.tmp
2013-11-04 15:41:30 11264 ----a-w- C:\wajam_validate.exe
2013-11-01 14:39:28 0 ----a-w- C:\windows\SysWow64\upd24DE.tmp
2013-10-29 20:50:19 0 ----a-w- C:\windows\SysWow64\upd1351.tmp
.
==================== Find3M ====================
.
2013-10-28 11:09:50 1764656 ----a-w- C:\windows\System32\dmwu.exe
2013-10-28 11:03:50 33792 ----a-w- C:\windows\System32\ImHttpComm.dll
2013-10-25 20:42:45 0 ----a-w- C:\windows\SysWow64\upd16EA.tmp
2013-10-25 20:42:45 0 ----a-w- C:\windows\SysWow64\upd15C1.tmp
2013-10-22 18:30:44 0 ----a-w- C:\windows\SysWow64\updEB4C.tmp
2013-10-22 18:30:44 0 ----a-w- C:\windows\SysWow64\updEAFD.tmp
2013-10-21 01:14:11 0 ----a-w- C:\windows\SysWow64\upd48A5.tmp
2013-10-21 01:14:11 0 ----a-w- C:\windows\SysWow64\upd4875.tmp
2013-10-21 01:14:11 0 ----a-w- C:\windows\SysWow64\upd47E8.tmp
2013-10-20 11:26:11 0 ----a-w- C:\windows\SysWow64\upd387D.tmp
2013-10-18 11:32:44 0 ----a-w- C:\windows\SysWow64\upd203C.tmp
2013-10-18 11:14:12 0 ----a-w- C:\windows\SysWow64\upd8A7.tmp
2013-10-18 10:55:59 0 ----a-w- C:\windows\SysWow64\updFD14.tmp
2013-10-18 10:55:59 0 ----a-w- C:\windows\SysWow64\updFC48.tmp
2013-09-30 15:53:00 829264 ----a-w- C:\windows\System32\msvcr100.dll
2013-09-30 15:53:00 608080 ----a-w- C:\windows\System32\msvcp100.dll
2013-09-22 23:28:06 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-17 20:43:50 430080 ----a-w- C:\windows\System32\webmakerplus64.dll
2013-09-17 20:41:42 364544 ----a-w- C:\windows\SysWow64\webmakerplus.dll
2013-09-14 01:10:19 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\windows\System32\drivers\usbd.sys
2013-09-03 18:35:10 278800 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 15:02:26.34 ===============
.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:59:44 PM, on 11/28/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\stan\AppData\Local\NativeMessaging\CT3289663\1_0_0_4\TBMessagingHo st.exe
C:\Users\stan\AppData\Local\NativeMessaging\CT3310511\1_0_0_4\TBMessagingHo st.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\ytbb.exe
C:\Users\stan\Desktop\HijackThis.exe
C:\Program Files (x86)\Mobogenie\mgusb.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...AF645951&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BrowserPlus2 Toolbar - {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
R3 - URLSearchHook: KeyBar 1.12 Toolbar - {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
R3 - URLSearchHook: SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
R3 - URLSearchHook: InternetHelper3.1 Toolbar - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: KeyBar 1.12 - {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: InternetHelper3.1 - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
O2 - BHO: LessTabs - {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll
O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: ShoppingChip - {645E0B6C-6A15-B64C-6B2A-163A7C2C6646} - C:\ProgramData\ShoppingChip\HhS.dll
O2 - BHO: BrowserPlus2 - {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
O2 - BHO: TidyNetwork.com - {7736C7FA-512D-11E2-B871-DEC36088709B} - C:\Users\stan\AppData\Local\TidyNetwork.com\tidy2ie.dll
O2 - BHO: SweetPacks - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: ALOT Appbar Helper - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
O2 - BHO: GetSavin 5.0 - {8C049331-873E-4C5B-B2C0-3A0018339D75} - C:\Users\stan\AppData\Local\getsavin\ie\getsavin_1376475606.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Define - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\stan\AppData\Local\DefineExt\temp.dat
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll
O2 - BHO: LyricsSing - {f05ad658-0f9f-4bca-9c4a-cfd43ff53d77} - C:\Program Files (x86)\LyricSing\126.dll
O3 - Toolbar: ALOT Appbar - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
O3 - Toolbar: BrowserPlus2 Toolbar - {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll
O3 - Toolbar: KeyBar 1.12 Toolbar - {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
O3 - Toolbar: SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: InternetHelper3.1 Toolbar - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NTRedirect] C:\windows\SysWOW64\rundll32.exe "C:\Users\stan\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run
O4 - HKCU\..\Run: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\Conduit\BackgroundContainer\BackgroundContaine r.dll",DllRun
O4 - HKCU\..\Run: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostS upportPlugin
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe startup
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [NTRedirect] C:\windows\SysWOW64\rundll32.exe "C:\Users\stan\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\Conduit\BackgroundContainer\BackgroundContaine r.dll",DllRun (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostS upportPlugin (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [Browser Infrastructure Helper] C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe startup (User '?')
O4 - HKUS\S-1-5-21-2695459146-3165330249-290253915-1000\..\Run: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe (User '?')
O4 - S-1-5-21-2695459146-3165330249-290253915-1000 Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User '?')
O4 - S-1-5-21-2695459146-3165330249-290253915-1000 Startup: Severe Weather Alerts App.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe (User '?')
O4 - S-1-5-21-2695459146-3165330249-290253915-1000 Startup: Severe Weather Alerts.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (User '?')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Severe Weather Alerts App.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
O4 - Startup: Severe Weather Alerts.lnk = stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\webmakerplus.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: ALOT Update Service (AlotService) - Vertro Inc. - C:\Users\stan\AppData\LocalLow\alotservice\alotservice.exe
O23 - Service: BitGuard - Unknown owner - C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: DealPly Live Service (dealplylive) (dealplylive) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: DealPly Live Service (dealplylivem) (dealplylivem) - DealPly Technologies Ltd - C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\windows\system32\dmwu.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\PC Speed Up\PCSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (verizondm) (sprtsvc_verizondm) - SupportSoft, Inc. - C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
O23 - Service: SupportSoft Repair Service (verizondm) (tgsrvc_verizondm) - SupportSoft, Inc. - C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: webmakerplus - webmakerplus LTD - C:\Program Files (x86)\webmakerplus\webmakerplus.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 19589 bytes
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720
Run by stan at 15:01:30 on 2013-11-28
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN96551628226875202&UM=2&ctid=CT3310 511&UP=SP72C29AAE-3F63-4B02-BB39-954FAF645951&SSPV=
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uURLSearchHooks: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
uURLSearchHooks: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
uURLSearchHooks: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
uURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
mURLSearchHooks: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
mURLSearchHooks: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
mURLSearchHooks: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
mURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
mWinlogon: Userinit = userinit.exe
BHO: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
BHO: LessTabs: {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: ShoppingChip: {645E0B6C-6A15-B64C-6B2A-163A7C2C6646} - C:\ProgramData\ShoppingChip\HhS.dll
BHO: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
BHO: TidyNetwork.com: {7736C7FA-512D-11E2-B871-DEC36088709B} - C:\Users\stan\AppData\Local\TidyNetwork.com\tidy2ie.dll
BHO: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
BHO: ALOT Appbar Helper: {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files (x86)\alotappbar\bin\BHO\ALOTHelperBHO.dll
BHO: GetSavin 5.0: {8C049331-873E-4C5B-B2C0-3A0018339D75} - C:\Users\stan\AppData\Local\getsavin\ie\getsavin_1376475606.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: DealPly Shopping: {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\stan\AppData\Local\DefineExt\temp.dat
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll
BHO: LyricsSing: {f05ad658-0f9f-4bca-9c4a-cfd43ff53d77} - C:\Program Files (x86)\LyricSing\126.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: BrowserPlus2 Toolbar: {650598E1-B35A-45D3-B607-896D7ACB64C3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
TB: KeyBar 1.12 Toolbar: {0134AF61-7A0C-4649-AECA-90D776060CB3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
TB: SweetPacks Toolbar: {7E8A1050-CF67-4575-92DF-DCC60E7D952D} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
TB: InternetHelper3.1 Toolbar: {07CBF788-1359-421B-A4E3-5A8D041B90A3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
TB: ALOT Appbar: {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files (x86)\alotappbar\bin\ALOTHelper.dll
TB: BrowserPlus2 Toolbar: {650598e1-b35a-45d3-b607-896d7acb64c3} - C:\Program Files (x86)\BrowserPlus2\prxtbBrow.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll
TB: KeyBar 1.12 Toolbar: {0134af61-7a0c-4649-aeca-90d776060cb3} - C:\Program Files (x86)\KeyBar_1.12\prxtbKeyB.dll
TB: SweetPacks Toolbar: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [NTRedirect] C:\windows\SysWOW64\rundll32.exe "C:\Users\stan\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run
uRun: [BackgroundContainer] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\Conduit\BackgroundContainer\BackgroundContaine r.dll",DllRun
uRun: [TBHostSupport] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\stan\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostS upportPlugin
uRun: [Browser Infrastructure Helper] C:\Users\stan\AppData\Local\Smartbar\Application\QuickShare.exe startup
uRun: [PCSpeedUp] C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
StartupFolder: C:\Users\stan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OP ENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\stan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SE VERE~2.LNK - C:\Users\stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
StartupFolder: C:\Users\stan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SE VERE~1.LNK - C:\Users\stan\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\windows\System32\webmakerplus.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{A6E8A35B-4031-4A3A-BEBE-3B66BC4861A6} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\1484147457563747 : DHCPNameServer = 151.164.1.8 151.164.85.201
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\33E41595E4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\373686562723 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\4556464697 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E0612BD6-70E8-4073-9CB2-7DB3AECBD8AA}\93341543A4 : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-11-25 20:43:26 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C45E3207-9F4B-439A-B742-93B36C0C12D2}\offreg.dll
2013-11-21 13:51:32 -------- d-----w- C:\Users\stan\.android
2013-11-21 13:04:57 -------- d-----w- C:\Users\stan\AppData\Local\DealPlyLive
2013-11-21 13:04:57 -------- d-----w- C:\ProgramData\DealPlyLive
2013-11-21 13:04:57 -------- d-----w- C:\Program Files (x86)\DealPlyLive
2013-11-21 13:04:56 -------- d-----w- C:\Users\stan\AppData\Roaming\Dealply
2013-11-21 13:04:45 -------- d-----w- C:\Program Files (x86)\DealPly
2013-11-21 13:01:04 -------- d-----w- C:\Users\stan\AppData\Local\Mobogenie
2013-11-21 13:01:04 -------- d-----w- C:\Users\stan\AppData\Local\cache
2013-11-21 13:00:38 -------- d-----w- C:\Program Files (x86)\Mobogenie
2013-11-21 12:59:49 -------- d-----w- C:\Program Files (x86)\PC Speed Up
2013-11-21 12:59:16 -------- d-----w- C:\Users\stan\AppData\Local\Smartbar
2013-11-21 12:58:33 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-11-21 12:58:16 -------- d-----w- C:\Users\stan\AppData\Local\SearchProtect
2013-11-19 15:54:01 -------- d-----w- C:\Users\stan\AppData\Local\WhiteListing
2013-11-10 23:35:52 0 ----a-w- C:\windows\SysWow64\upd44AD.tmp
2013-11-10 10:06:29 0 ----a-w- C:\windows\SysWow64\updBC1D.tmp
2013-11-04 15:41:30 11264 ----a-w- C:\wajam_validate.exe
2013-11-01 14:39:28 0 ----a-w- C:\windows\SysWow64\upd24DE.tmp
2013-10-29 20:50:19 0 ----a-w- C:\windows\SysWow64\upd1351.tmp
.
==================== Find3M ====================
.
2013-10-28 11:09:50 1764656 ----a-w- C:\windows\System32\dmwu.exe
2013-10-28 11:03:50 33792 ----a-w- C:\windows\System32\ImHttpComm.dll
2013-10-25 20:42:45 0 ----a-w- C:\windows\SysWow64\upd16EA.tmp
2013-10-25 20:42:45 0 ----a-w- C:\windows\SysWow64\upd15C1.tmp
2013-10-22 18:30:44 0 ----a-w- C:\windows\SysWow64\updEB4C.tmp
2013-10-22 18:30:44 0 ----a-w- C:\windows\SysWow64\updEAFD.tmp
2013-10-21 01:14:11 0 ----a-w- C:\windows\SysWow64\upd48A5.tmp
2013-10-21 01:14:11 0 ----a-w- C:\windows\SysWow64\upd4875.tmp
2013-10-21 01:14:11 0 ----a-w- C:\windows\SysWow64\upd47E8.tmp
2013-10-20 11:26:11 0 ----a-w- C:\windows\SysWow64\upd387D.tmp
2013-10-18 11:32:44 0 ----a-w- C:\windows\SysWow64\upd203C.tmp
2013-10-18 11:14:12 0 ----a-w- C:\windows\SysWow64\upd8A7.tmp
2013-10-18 10:55:59 0 ----a-w- C:\windows\SysWow64\updFD14.tmp
2013-10-18 10:55:59 0 ----a-w- C:\windows\SysWow64\updFC48.tmp
2013-09-30 15:53:00 829264 ----a-w- C:\windows\System32\msvcr100.dll
2013-09-30 15:53:00 608080 ----a-w- C:\windows\System32\msvcp100.dll
2013-09-22 23:28:06 1767936 ----a-w- C:\windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\windows\System32\iesysprep.dll
2013-09-21 03:38:39 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2013-09-21 03:30:24 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48:36 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-17 20:43:50 430080 ----a-w- C:\windows\System32\webmakerplus64.dll
2013-09-17 20:41:42 364544 ----a-w- C:\windows\SysWow64\webmakerplus.dll
2013-09-14 01:10:19 497152 ----a-w- C:\windows\System32\drivers\afd.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\windows\SysWow64\mswsock.dll
2013-09-04 12:12:11 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys
2013-09-04 12:11:51 325120 ----a-w- C:\windows\System32\drivers\usbport.sys
2013-09-04 12:11:49 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys
2013-09-04 12:11:43 52736 ----a-w- C:\windows\System32\drivers\usbehci.sys
2013-09-04 12:11:43 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys
2013-09-04 12:11:42 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys
2013-09-04 12:11:40 7808 ----a-w- C:\windows\System32\drivers\usbd.sys
2013-09-03 18:35:10 278800 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 15:02:26.34 ===============
.