Please Help,
I have run malware and the other logs if anyone could take a look and help me figure out what has made its way into my computer?
Thanks!!
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.04.24.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wilson Family :: WILSONFAMILY-PC [administrator]
4/23/2013 9:38:11 PM
mbam-log-2013-04-23 (21-38-11).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210683
Time elapsed: 5 minute(s), 25 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 1
C:\Users\Wilson Family\AppData\Local\Playtopus\Playtopus.dll (PUP.PlayTopus) -> Delete on reboot.
Registry Keys Detected: 12
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Quarantined and deleted successfully.
HKCR\CLSID\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.PlayTopus) -> Quarantined and deleted successfully.
HKCR\Playtopus.Module.1 (PUP.PlayTopus) -> Quarantined and deleted successfully.
HKCR\Playtopus.Module (PUP.PlayTopus) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.PlayTopus) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.PlayTopus) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.PlayTopus) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Users\Wilson Family\AppData\Local\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Users\Wilson Family\AppData\Local\Playtopus\Playtopus.dll (PUP.PlayTopus) -> Quarantined and deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476 BrowserJavaVersion: 1.6.0_01
Run by Wilson Family at 21:58:06 on 2013-04-23
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6007.4132 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Wilson Family\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files (x86)\Consumer Input\dca-ua.exe
C:\Users\Wilson Family\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
C:\Program Files (x86)\Iminent\Iminent.exe
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
C:\Users\Wilson Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uURLSearchHooks: <No Name>: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll
uURLSearchHooks: WiseConvert B2 Toolbar: {da7a20cf-bef4-4342-ad78-0240fdf87055} - C:\Program Files (x86)\WiseConvert_B2\prxtbWise.dll
uURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
mURLSearchHooks: WiseConvert B2 Toolbar: {da7a20cf-bef4-4342-ad78-0240fdf87055} - C:\Program Files (x86)\WiseConvert_B2\prxtbWise.dll
mURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Search Assistant BHO: {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: SearchDonkey: {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files (x86)\SearchDonkey\IE\common.dll
BHO: Toolbar BHO: {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
BHO: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_01\bin\ssv.dll
BHO: GetSavin 5.0: {843B0FD0-ED4D-488A-8FD9-3C20882A37E2} - C:\Users\Wilson Family\AppData\Local\getsavin\ie\getsavin_1366483201.dll
BHO: IMinent WebBooster (BHO): {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Arcadesafari BHO: {adff4c9a-4f49-4a1f-8885-360e107b7938} -
BHO: DCA BHO: {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Consumer Input\dca-bho.dll
BHO: WiseConvert B2 Toolbar: {da7a20cf-bef4-4342-ad78-0240fdf87055} - C:\Program Files (x86)\WiseConvert_B2\prxtbWise.dll
BHO: Save Valet: {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_32.dll
TB: WiseConvert B2 Toolbar: {DA7A20CF-BEF4-4342-AD78-0240FDF87055} - C:\Program Files (x86)\WiseConvert_B2\prxtbWise.dll
TB: WhiteSmoke New Toolbar: {739DF940-C5EE-4BAB-9D7E-270894AE687A} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
TB: Utility Chest: {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Utility Chest: {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
TB: WiseConvert B2 Toolbar: {da7a20cf-bef4-4342-ad78-0240fdf87055} - C:\Program Files (x86)\WiseConvert_B2\prxtbWise.dll
TB: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
uRun: [Google Update] "C:\Users\Wilson Family\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [6067C2AC2210922E522273F2366461E9D62B57A2._service_run] "C:\Users\Wilson Family\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [Consumer Input Update] C:\Program Files (x86)\Consumer Input\dca-ua.exe
uRun: [SearchProtect] C:\Users\Wilson Family\AppData\Roaming\SearchProtect\bin\cltmng.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_01\bin\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Utility Chest Search Scope Monitor] "C:\PROGRA~2\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h
mRun: [UtilityChest_49 Browser Plugin Loader] C:\PROGRA~2\UTILIT~2\bar\1.bin\49brmon.exe
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
mRun: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
mRun: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
StartupFolder: C:\Users\WILSON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Wilson Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\WILSON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: dell.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
TCP: NameServer = 24.116.2.50 24.116.2.34
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28} : DHCPNameServer = 24.116.2.50 24.116.2.34
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28}\24271636B6E697 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F4124FCD-4933-47A5-BAED-F8259ABFECA1} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Save Valet: {F0F12903-DE76-4DF7-BCDC-0A0689151189} - C:\Program Files (x86)\SaveValet\ie\SaveValetIE_64.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Utility Chest Home Page Guard 64 bit] "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe"
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wilson Family\AppData\Roaming\Mozilla\Firefox\Profiles\bdoewn14.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN12672257132617302&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN12672257132617302&UM=2&UP=SPA2266B28-C0FA-4424-BC75-172324ED7F2A
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN12672257132617302&UM=2&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Wilson Family\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-04-20 12:39; webbooster@iminent.com; C:\Program Files (x86)\Iminent\webbooster@iminent.com
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-27 203776]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-31 130008]
R2 SProtection;SProtection;C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [2013-4-2 2795048]
R2 UtilityChest_49Service;Utility ChestService;C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe [2013-4-20 42504]
R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-4-4 109064]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-10-16 321064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-11 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-12 1255736]
.
=============== Created Last 30 ================
.
2013-04-24 03:37:40 -------- d-----w- C:\Users\Wilson Family\AppData\Roaming\Malwarebytes
2013-04-24 03:37:23 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-24 03:37:22 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-24 03:37:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-23 17:21:24 905296 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E279BA8-2BE8-43F1-ABB9-4281986CA915}\gapaengine.dll
2013-04-23 17:20:37 9317456 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0B2CF884-3EA1-4440-ACFE-E70081CE564E}\mpengine.dll
2013-04-21 19:10:27 9317456 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-20 22:57:55 -------- d-----w- C:\Program Files\CCleaner
2013-04-20 18:45:12 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Playtopus
2013-04-20 18:45:04 -------- d-----w- C:\Program Files (x86)\SearchDonkey
2013-04-20 18:40:40 -------- d-----w- C:\Users\Wilson Family\AppData\Local\SwvUpdater
2013-04-20 18:40:27 -------- d-----w- C:\Program Files (x86)\WhiteSmoke_New
2013-04-20 18:40:20 -------- d-----w- C:\Users\Wilson Family\AppData\Roaming\Iminent
2013-04-20 18:40:07 -------- d-----w- C:\ProgramData\Iminent
2013-04-20 18:40:06 -------- d-----w- C:\Users\Wilson Family\AppData\Local\CRE
2013-04-20 18:39:44 -------- d-----w- C:\Program Files (x86)\Common Files\Umbrella
2013-04-20 18:39:41 -------- d-----w- C:\Program Files (x86)\Iminent
2013-04-20 18:39:24 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Wajam
2013-04-20 18:39:22 -------- d-----w- C:\Program Files (x86)\Wajam
2013-04-20 18:39:19 -------- d-----w- C:\Users\Wilson Family\AppData\Local\getsavin
2013-04-20 18:36:11 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-04-20 18:35:59 -------- d-----w- C:\Users\Wilson Family\AppData\Roaming\SearchProtect
2013-04-20 18:35:59 -------- d-----w- C:\Program Files (x86)\Conduit
2013-04-20 18:35:56 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Conduit
2013-04-20 18:35:56 -------- d-----w- C:\Program Files (x86)\WiseConvert_B2
2013-04-20 18:33:23 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Redlynx
2013-04-20 18:29:04 -------- d-----w- C:\Users\Wilson Family\AppData\Local\IAC
2013-04-20 18:29:03 -------- d-----w- C:\Users\Wilson Family\AppData\Local\UtilityChest_49
2013-04-20 18:27:19 -------- d-----w- C:\Program Files (x86)\UtilityChest_49
2013-04-20 18:24:12 -------- d-----w- C:\ProgramData\boost_interprocess
2013-04-20 18:22:19 -------- d-----w- C:\Program Files (x86)\SaveValet
2013-04-20 18:22:14 -------- d-----w- C:\Program Files (x86)\Consumer Input
2013-04-20 18:17:01 -------- d-----w- C:\Program Files (x86)\Yahoo!
2013-04-20 18:16:31 -------- d-----w- C:\ProgramData\APN
2013-04-19 21:36:39 5081608 ----a-w- C:\Windows\System32\d3dx9_36.dll
2013-04-19 21:36:39 3734536 ----a-w- C:\Windows\SysWow64\d3dx9_36.dll
2013-04-19 21:36:38 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2013-04-19 21:36:38 107368 ----a-w- C:\Windows\System32\xinput1_3.dll
2013-04-19 21:36:25 419840 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-04-19 21:36:25 133632 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-04-19 21:36:25 -------- d-----w- C:\Program Files (x86)\OpenAL
2013-04-19 21:36:24 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-04-19 21:36:24 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-04-19 21:36:21 -------- d-----w- C:\Program Files (x86)\Trials 2 Second Edition
2013-04-18 02:14:45 -------- d-----w- C:\Program Files super clean
2013-04-11 09:00:59 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2013-04-11 09:00:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2013-04-11 09:00:59 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2013-04-11 09:00:59 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2013-04-10 20:49:03 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-10 20:49:03 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-10 20:49:02 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-10 20:49:02 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-10 20:49:02 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-10 20:49:02 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-10 20:48:30 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 20:48:14 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 20:48:09 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 20:47:58 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 20:47:58 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 20:47:58 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 20:47:57 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-10 20:47:57 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 20:47:57 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-26 00:29:49 -------- d-----w- C:\ProgramData\Oberon Media
2013-03-26 00:29:42 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Arcadesafari
2013-03-25 23:34:56 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
==================== Find3M ====================
.
2013-04-02 10:34:28 282744 ------w- C:\Windows\System32\MpSigStub.exe
2013-02-22 06:27:49 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-22 06:20:51 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-02-22 06:19:37 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-02-22 06:15:48 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-02-22 06:15:23 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-02-22 06:12:41 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-02-22 03:46:00 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-22 03:38:00 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-22 03:37:50 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-02-22 03:34:17 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-02-22 03:34:03 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-02-22 03:31:46 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
.
============= FINISH: 21:58:26.04 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/8/2013 11:40:38 PM
System Uptime: 4/23/2013 9:50:07 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0C2KJT
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz | CPU 1 | 2784/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 332 GiB total, 180.788 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 586 GiB total, 585.792 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: MTP Bluetooth Device
Device ID: ROOT\UNKNOWN\0000
Manufacturer: (Standard MTP Device)
Name: MTP Bluetooth Device
PNP Device ID: ROOT\UNKNOWN\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP43: 3/29/2013 10:58:10 AM - Windows Update
RP44: 4/1/2013 12:15:05 PM - Windows Update
RP45: 4/4/2013 5:35:32 PM - Windows Update
RP46: 4/7/2013 6:07:45 PM - Windows Update
RP47: 4/11/2013 3:00:27 AM - Windows Update
RP48: 4/15/2013 11:36:34 AM - Windows Update
RP49: 4/18/2013 3:14:33 PM - Windows Update
RP50: 4/19/2013 3:36:25 PM - Installed DirectX
RP51: 4/23/2013 11:18:06 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arcadesafari
Bonjour
Broadcom NetXtreme-I Netlink Driver and Management Installer
CCleaner
Consumer Input Software (remove only)
Dell System Detect
Dropbox
DW 1525 Driver Installation
GetSavin
Google Chrome
Google Update Helper
iCloud
iLivid
ImgBurn
Iminent
iTunes
Java 7 Update 10 (64-bit)
Java(TM) SE Runtime Environment 6 Update 1
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
MP3 Rocket
OpenAL
PDFCreator
Playtopus
Revo Uninstaller 1.94
SaveValet IE - Stop overpaying! Instantly get the lowest price and best deals right as you shop.
Search Protect by conduit
SearchDonkey
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype™ 6.0
swMSM
Trials 2 Second Edition
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Chest Toolbar
VLC media player 2.0.5
Wajam
WhiteSmoke New Toolbar
WiseConvert B2 Toolbar
XnView 1.99.6
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
4/23/2013 9:51:35 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/23/2013 9:51:34 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/20/2013 12:40:40 PM, Error: Service Control Manager [7034] - The WajamUpdater service terminated unexpectedly. It has done this 1 time(s).
4/20/2013 12:39:48 PM, Error: Service Control Manager [7030] - The SProtection service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
4/17/2013 5:36:54 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
.
==== End Of File ===========================