Channel: Tech Support Guy

Online Problems

:eek: Whenever I go online, and want to open a new tab, I get hijacked to a page that I never wanted. I also get pop-up ads (I've already elected to not allow pop-ups) and warnings. The worst is a Red F (authentic Flash Player type) which reads: "Please install Flash Player HD to continue (required)." It has three dot points showing what this will provide (watch movies, etc.) Then there's a large INSTALL button. When I clicked on it, it downloaded; and immediately, my virus protection flashed a warning, saying that the download contained a virus (which it deleted). I am still getting this pop-up. I'm also getting a lot of junk windows behind the scenes of my browser, with jargon that I don't understand, which seem to be telling me of some sort of defect. My browsing experience is a nightmare!

I'm not very experienced with technology, so would appreciate information and instructions you may have for me, to be given in the most simple form you can. :o

My operating system is Win. 7, 64 bit/os, 8 GB Ram

I am attaching all the information that was required on the instruction page.

PLEASE, PLEASE, HELP ME!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:42 AM, on 5/31/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Users\Maureen\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbwmgr.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Users\Maureen\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files (x86)\IObitCom\tbIOb1.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {739df940-c5ee-4bab-9d7e-270894ae687a} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\Windows\SysWow64\gigagetbho_v10.dll
O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files (x86)\IObitCom\tbIOb1.dll
O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
O2 - BHO: SafeMonitor - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files (x86)\SafeMonitor\IE\common.dll


.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/16/2010 7:38:06 PM
System Uptime: 5/31/2013 9:20:54 AM (3 hours ago)
.
Motherboard: PEGATRON CORPORATION | | Benicia
Processor: Pentium(R) Dual-Core CPU E6300 @ 2.80GHz | CPU 1 | 2800/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 708.837 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 0.283 GiB free.
E: is CDROM (UDF)
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP348: 2/25/2013 7:26:44 PM - Installed iTunes
RP349: 2/25/2013 8:18:59 PM - Removed Apple Software Update
RP350: 2/25/2013 9:17:42 PM - Installed iTunes
RP351: 2/26/2013 10:07:11 PM - Windows Update
RP352: 2/27/2013 3:00:25 AM - Windows Update
RP353: 2/27/2013 8:04:58 PM - Installed Java 7 Update 15
RP354: 3/1/2013 8:41:04 PM - Removed Java 7 Update 15
RP355: 3/1/2013 8:42:04 PM - Installed Java 7 Update 15
RP356: 3/4/2013 12:14:26 PM - Removed Java 7 Update 13 (64-bit)
RP357: 3/4/2013 12:15:12 PM - Removed Java 7 Update 15
RP358: 3/4/2013 12:18:43 PM - Installed Java 7 Update 15
RP359: 3/4/2013 12:27:17 PM - Removed Java 7 Update 15
RP360: 3/4/2013 12:28:58 PM - Installed Java 7 Update 15
RP361: 3/4/2013 12:33:49 PM - Removed Java 7 Update 15
RP362: 3/4/2013 4:14:44 PM - Installed Java 7 Update 17
RP363: 3/5/2013 7:13:41 PM - Windows Update
RP364: 3/12/2013 7:46:59 PM - Windows Update
RP365: 3/14/2013 3:00:27 AM - Windows Update
RP366: 3/16/2013 3:00:21 AM - Windows Update
RP367: 3/19/2013 2:56:40 PM - Windows Update
RP368: 3/22/2013 9:57:13 PM - Removed Java 7 Update 17
RP369: 3/22/2013 9:58:08 PM - Installed Java 7 Update 17
RP370: 3/26/2013 3:24:02 AM - Windows Update
RP371: 3/29/2013 12:30:53 PM - Windows Update
RP372: 4/2/2013 3:30:10 PM - Windows Update
RP373: 4/9/2013 4:16:15 PM - Windows Update
RP374: 4/10/2013 3:00:13 AM - Windows Update
RP375: 4/16/2013 3:26:18 PM - Windows Update
RP376: 4/19/2013 3:47:51 PM - Windows Update
RP377: 4/23/2013 7:35:32 AM - Windows Update
RP378: 4/24/2013 9:23:07 PM - Windows Update
RP379: 4/24/2013 10:57:10 PM - Quitado VAFPlayer
RP380: 4/24/2013 11:43:06 PM - Quitado VAFPlayer
RP381: 4/27/2013 3:00:59 AM - Windows Update
RP382: 4/29/2013 12:05:40 PM - Quitado FlashPlayer
RP383: 4/29/2013 1:12:44 PM - Installed Java 7 Update 21
RP384: 4/30/2013 3:26:00 PM - Windows Update
RP385: 5/3/2013 7:27:46 PM - Windows Update
RP386: 5/7/2013 3:06:10 PM - Windows Update
RP387: 5/8/2013 11:19:01 PM - Windows Update
RP388: 5/14/2013 4:43:53 PM - Windows Update
RP389: 5/16/2013 3:00:28 AM - Windows Update
RP390: 5/21/2013 6:16:53 PM - Windows Update
RP391: 5/25/2013 1:10:40 PM - Quitado VAFPlayer
RP392: 5/25/2013 1:11:25 PM - Quitado VAFPlayer
RP393: 5/25/2013 1:12:32 PM - Quitado VAFPlayer
RP394: 5/25/2013 2:04:14 PM - Windows Update
RP395: 5/28/2013 7:22:42 PM - Removed Google Drive
RP396: 5/31/2013 2:45:55 AM - Device Driver Package Install: Anchorfree Inc Network Service
RP397: 5/31/2013 2:46:22 AM - Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
RP398: 5/31/2013 9:27:57 AM - Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
.
==== Installed Programs ======================
.
4 Great Games GOLD
7 Wonders
AC BOL Combo
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Advanced SystemCare 3
Advanced SystemCare 6
Alternative Flash Player Auto-Updater
Ancient Spirits - Columbus' Legacy
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Beyond Atlantis
Big Fish Games: Game Manager
Bonjour
CNET TechTracker
Curse of Atlantis
DefaultTab
Delta Chrome Toolbar
Discovery
DnsBasic 1.0 build 111
DomaIQ
Dream Vacation Solitaire FREE
Escape from Paradise 2
Free PDF Tablet 0.1
Gigaget
Google Gmail Notifier
Google Update Helper
Haunted Manor: Lord of Mirrors
Haunted Manor: Queen of Death
Hidden Mysteries Civil War
Hotspot Shield 2.93
iLivid
Iminent
IncrediMail
IncrediMail 2.0
Intel(R) Graphics Media Accelerator Driver
Internet Explorer Toolbar 4.8 by SweetPacks
InternetHelper3 Firefox Toolbar
IObit Malware Fighter
IObitCom Toolbar
IrfanView (remove only)
iTunes
Java 7 Update 21
Java Auto Updater
Kingsoft Antivirus 2012
LUXOR Adventures
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works 7.0
Midnight Mysteries Salem Witch Trials
MiPony 2.0.2
Mipony Download Manager Packages
Mobile Broadband Generic Drivers
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Tribe
Nancy Drew Dossier: Lights, Camera, Curses!
Nancy Drew Dossier: Resorting to Danger
Nero 8 Essentials
neroxml
OpenOffice.org 1.1.3
PCLinq2 High-Speed USB Bridge Cable
PhotoMail Maker
Realtek High Definition Audio Driver
SafeMonitor
Search-Results Toolbar
Search Protect by conduit
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SelectionLinks
Slingo Quest Hawaii
Smart Defrag 2
Software Version Updater
Speed Analysis 2
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VCRedistSetup
WhiteSmoke New Toolbar
YouTube Downloader 2.6.2
.
==== Event Viewer Messages From Past Week ========
.
5/31/2013 9:29:05 AM, Error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s).
5/31/2013 9:28:56 AM, Error: Service Control Manager [7030] - The Hotspot Shield Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
5/31/2013 9:24:03 AM, Error: Service Control Manager [7000] - The My Web Search Service service failed to start due to the following error: The system cannot find the path specified.
5/30/2013 4:46:44 PM, Error: Service Control Manager [7034] - The DnsBasic Service service terminated unexpectedly. It has done this 1 time(s).
5/30/2013 4:46:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
5/30/2013 4:46:30 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
5/27/2013 10:39:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/25/2013 10:43:07 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
5/25/2013 10:43:07 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.
5/25/2013 1:18:41 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 7 time(s).
5/25/2013 1:18:37 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 6 time(s).
5/25/2013 1:18:33 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 5 time(s).
5/25/2013 1:17:25 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 4 time(s).
5/25/2013 1:16:22 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 3 time(s).
5/25/2013 1:14:42 PM, Error: Service Control Manager [7000] - The Datamngr Coordinator service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/25/2013 1:14:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Datamngr Coordinator service to connect.
5/25/2013 1:13:48 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 2 time(s).
5/25/2013 1:13:45 PM, Error: Service Control Manager [7034] - The Datamngr Coordinator service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File =========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576
Run by Maureen at 12:30:43 on 2013-05-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8182.6079 [GMT -4:00]
.
AV: Kingsoft Antivirus System Defense *Enabled/Updated* {B6A51389-A795-5AC9-13BA-F569D73F3FE8}
SP: Kingsoft Antivirus System Defense *Enabled/Updated* {0DC4F26D-81AF-5547-290A-CE1BACB87555}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
c:\program files (x86)\kingsoft\kingsoft antivirus\kxescore.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files (x86)\DnsBasic\dnsbasic.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\DnsBasic\dnsbasic.exe
C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Maureen\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\kingsoft\kingsoft antivirus\kxetray.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbwmgr.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Windows\splwow64.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uWindow Title = Internet Explorer, optimized for Bing and MSN
uDefault_Page_URL = hxxp://www.msn.com
mStart Page = about:blank
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files (x86)\IObitCom\tbIOb1.dll
uURLSearchHooks: {00A6FAF6-072E-44cf-8957-5838F569A31D} - <orphaned>
uURLSearchHooks: {739df940-c5ee-4bab-9d7e-270894ae687a} - <orphaned>
mURLSearchHooks: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files (x86)\IObitCom\tbIOb1.dll
mURLSearchHooks: {739df940-c5ee-4bab-9d7e-270894ae687a} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: GigagetIEHelper Class: {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\Windows\SysWOW64\gigagetbho_v10.dll
BHO: Speed Analysis 2: {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll
BHO: IObitCom Toolbar: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files (x86)\IObitCom\tbIOb1.dll
BHO: Search-Results Toolbar: {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
BHO: SafeMonitor: {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files (x86)\SafeMonitor\IE\common.dll
BHO: {739df940-c5ee-4bab-9d7e-270894ae687a} - <orphaned>
BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO: SelectionLinks: {FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} - C:\Program Files (x86)\OApps\SelectionLinks.dll
TB: IObitCom Toolbar: {31C7D459-9CC3-44F2-9DCA-FC11795309B4} - C:\Program Files (x86)\IObitCom\tbIOb1.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Search-Results Toolbar: {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
uRun: [SearchProtect] C:\Users\Maureen\AppData\Roaming\SearchProtect\bin\cltmng.exe
mRun: [kxesc] "c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" -autorun
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
mRun: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download All by Gigaget - C:\Program Files (x86)\Giganology\Gigaget\getallurl.htm
IE: &Download by Gigaget - C:\Program Files (x86)\Giganology\Gigaget\geturl.htm
IE: Download with Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 184.63.128.68 184.63.128.69
TCP: Interfaces\{3984AA3F-7DCF-4D8C-B5BE-9F8CEBD979E3} : DHCPNameServer = 184.63.128.68 184.63.128.69
TCP: Interfaces\{D00609E9-C55A-4FBE-B461-BEC332D3518D} : NameServer = 8.8.8.8
AppInit_DLLs= c:\progra~3\wincert\win32c~1.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\74gw9ffi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3294791&CUI=UN29568632141652720&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Vafmusic2 Customized Web Search
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3294791&SearchSource=2&CUI=UN29568632141652720&UM=2&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Users\Maureen\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-04-25 23:20; webbooster@iminent.com; C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - ExtSQL: 2013-04-28 22:43; {FC34D2F1-2EA2-46CA-9E2D-21D668751438}; C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\74gw9ffi.default\extensions\{FC34D2F1-2EA2-46CA-9E2D-21D668751438}
FF - ExtSQL: 2013-04-28 22:53; {650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}; C:\Program Files (x86)\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
FF - ExtSQL: 2013-05-08 21:19; ascsurfingprotection@iobit.com; C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\74gw9ffi.default\extensions\ascsurfingprotection@iobit.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false);
============= SERVICES / DRIVERS ===============
.
R0 kavbootc;kavbootc;C:\Windows\System32\drivers\kavbootc64.sys [2012-9-15 31848]
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefrag Driver.sys [2013-2-8 17720]
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-4-24 46792]
R1 KDHacker;KDHacker;C:\Program Files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [2012-9-15 164696]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-2-7 574272]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984]
R2 DatamngrCoordinator;Datamngr Coordinator;C:\Program Files (x86)\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe [2013-4-24 3019264]
R2 DnsBasic Service;DnsBasic Service;C:\Program Files (x86)\DnsBasic\dnsbasic.exe [2013-4-28 22528]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-1-10 533288]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-4-26 390440]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-2-8 821592]
R2 kisknl;kisknl;C:\Windows\System32\drivers\kisknl.sys [2012-9-15 210296]
R2 kxescore;Kingsoft Core Service;C:\Program Files (x86)\kingsoft\kingsoft antivirus\kxescore.exe [2012-9-15 123992]
R2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [2013-5-23 2839592]
R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-2-8 21384]
R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-2-8 33224]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184]
R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-2-8 21904]
R4 KUsbGuard;KUsbGuard;C:\Program Files (x86)\kingsoft\kingsoft antivirus\kusbquery64.sys [2012-12-31 18296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MyWebSearchService;My Web Search Service; [x]
S3 NWUSBCDFIL64;Novatel Wireless Installation CD;C:\Windows\System32\drivers\NwUsbCdFil64.sys [2008-7-7 25600]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;C:\Windows\System32\drivers\nwusbser2.sys [2008-5-9 213120]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-24 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-24 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-9 1255736]
.
=============== Created Last 30 ================
.
2013-05-31 13:30:24 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{445D1481-80B4-4E27-9549-8103A5943E18}\offreg.dll
2013-05-31 06:45:46 -------- d-----w- C:\ProgramData\Hotspot Shield
2013-05-31 06:45:43 -------- d-----w- C:\Program Files (x86)\Hotspot Shield
2013-05-31 06:45:13 -------- d-----w- C:\Users\Maureen\AppData\Roaming\OpenCandy
2013-05-31 06:45:13 -------- d-----w- C:\Program Files (x86)\Alternative Flash Player Auto-Updater
2013-05-31 06:43:16 -------- d-----w- C:\Users\Maureen\AppData\Local\Programs
2013-05-28 11:50:48 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{445D1481-80B4-4E27-9549-8103A5943E18}\mpengine.dll
2013-05-25 17:32:43 -------- d-----w- C:\Users\Maureen\AppData\Roaming\SparkTrust
2013-05-25 17:32:22 -------- d-----w- C:\Program Files (x86)\Common Files\SparkTrust
2013-05-25 17:32:20 -------- d-----w- C:\ProgramData\SparkTrust
2013-05-25 17:32:20 -------- d-----w- C:\Program Files (x86)\SparkTrust
2013-05-23 23:10:30 -------- d-----w- C:\Users\Maureen\SyncFolder
2013-05-21 22:17:17 -------- d-----w- C:\24fbe1b3e9c09beb6c846f8bee
2013-05-19 22:03:30 -------- d-----w- C:\Users\Maureen\AppData\Roaming\SpeedMaxPc
2013-05-19 22:03:16 -------- d-----w- C:\ProgramData\SpeedMaxPc
2013-05-19 22:03:16 -------- d-----w- C:\Program Files (x86)\SpeedMaxPc
2013-05-19 22:03:16 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedMaxPc
2013-05-19 01:36:42 -------- d-----w- C:\Program Files (x86)\SingAlong
2013-05-17 20:49:19 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-16 00:33:05 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-16 00:33:05 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-16 00:33:05 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-16 00:32:59 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-16 00:32:58 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-16 00:32:58 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-16 00:32:58 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-16 00:32:53 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-16 00:32:53 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-16 00:32:52 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-12 00:03:41 -------- d-----w- C:\Program Files (x86)\Flash Player Pro
2013-05-10 21:24:36 -------- d-----w- C:\Program Files (x86)\GUMC418.tmp
2013-05-09 03:26:30 -------- d-----w- C:\Windows\SysWow64\RTCOM
2013-05-09 03:26:30 -------- d-----w- C:\Program Files\Realtek
.
==================== Find3M ====================
.
2013-05-28 23:34:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-28 23:34:33 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-15 18:10:14 9195912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-24 19:28:08 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys
2013-04-24 19:18:34 46792 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys
2013-04-18 00:20:34 26432 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-11 14:22:56 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-04-11 14:22:56 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-04 09:36:01 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-04 09:35:52 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
.
============= FINISH: 12:32:29.77 ===============


I hope I did this right. Thanks for your help.



