  1. #1

    ib.adnxs.com Issue Any help is appreciated

    To whom it may concern:

    I have this issue with ib.adnxs.com pop-ups from time to time. I will post the required logs below. I appreciate any help, thank you.



    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:24:21 PM, on 9/8/2012
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.17051)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Steve Patane\Desktop\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://agencygateway1.allstate.com/...waysplash.html
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe -update plugin
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: 启动UUSee 网络电视 - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files (x86)\uusee\UUSeePlayer.exe
    O9 - Extra 'Tools' menuitem: 启动UUSee 网络电视 - {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files (x86)\uusee\UUSeePlayer.exe
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/soft...3/CTPIDPDE.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package 1) - http://ccfiles.creative.com/Web/soft...5116/CTPID.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
    O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 11352 bytes





    SUPERAntiSpyware Scan Log

    Generated 09/09/2012 at 00:44 AM

    Application Version : 5.5.1016

    Core Rules Database Version : 9198
    Trace Rules Database Version: 7010

    Scan type : Complete Scan
    Total Scan Time : 02:08:20

    Operating System Information
    Windows 7 Ultimate 64-bit (Build 6.01.7600)
    UAC Off - Administrator

    Memory items scanned : 417
    Memory threats detected : 0
    Registry items scanned : 66946
    Registry threats detected : 140
    File items scanned : 81596
    File threats detected : 8

    Adware.Tracking Cookie
    C:\Users\Steve Patane\AppData\Roaming\Microsoft\Windows\Cookies\D45U62WO.txt [ /doubleclick.net ]
    C:\Users\Steve Patane\AppData\Roaming\Microsoft\Windows\Cookies\XB325LVJ.txt [ /atdmt.com ]
    C:\Users\Steve Patane\AppData\Roaming\Microsoft\Windows\Cookies\A5I9L66T.txt [ /c.atdmt.com ]
    C:\USERS\STEVE PATANE\Cookies\D45U62WO.txt [ Cookie:steve patane@doubleclick.net/ ]
    C:\USERS\STEVE PATANE\Cookies\XB325LVJ.txt [ Cookie:steve patane@atdmt.com/ ]
    C:\USERS\STEVE PATANE\Cookies\A5I9L66T.txt [ Cookie:steve patane@c.atdmt.com/ ]

    PUP.MyWebSearch/FunWebProducts

    Trojan.Agent/Gen-Autorun[Swisyn]
    ZIP ARCHIVE( C:\USERS\STEVE PATANE\DESKTOP\STEVE'S\MALWAREBYTES.ANTI-MALWARE.1.51.2.1300.READNFO_KEYGEN-FFF.ZIP )/RSFAG.EXE
    C:\USERS\STEVE PATANE\DESKTOP\STEVE'S\MALWAREBYTES.ANTI-MALWARE.1.51.2.1300.READNFO_KEYGEN-FFF.ZIP





    Malwarebytes Anti-Malware (PRO) 1.62.0.1300

    Database version: v2012.09.08.09

    Windows 7 x64 NTFS (Safe Mode/Networking)
    Internet Explorer 8.0.7600.16385
    Steve Patane :: STEVEPATANE-PC [administrator]

    Protection: Disabled

    9/8/2012 10:26:15 PM
    mbam-log-2012-09-09 (09-08-36).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 865761
    Time elapsed: 4 hour(s), 1 minute(s), 45 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 36
    HKCR\CLSID\{22222222-2222-2222-2222-220022502258} (PUP.CrossRider.SSK) -> No action taken.
    HKCR\TypeLib\{44444444-4444-4444-4444-440044504458} (PUP.CrossRider.SSK) -> No action taken.
    HKCR\Interface\{55555555-5555-5555-5555-550055505558} (PUP.CrossRider.SSK) -> No action taken.
    HKCR\CrossriderApp0005058.Sandbox.1 (PUP.CrossRider.SSK) -> No action taken.
    HKCR\CrossriderApp0005058.Sandbox (PUP.CrossRider.SSK) -> No action taken.
    HKCR\CLSID\{33333333-3333-3333-3333-330033503358} (PUP.CrossRider.SSK) -> No action taken.
    HKCR\CrossriderApp0005058.FBApi.1 (PUP.CrossRider.SSK) -> No action taken.
    HKCR\CrossriderApp0005058.FBApi (PUP.CrossRider.SSK) -> No action taken.
    HKCR\CLSID\{38943A5A-33BB-4D28-909A-BF52B994D26A} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (PUP.ChinAd) -> No action taken.
    HKCR\TypeLib\{7B0F8D4E-2C8D-4F2A-805B-0E35BF90B713} (PUP.ChinAd) -> No action taken.
    HKCR\Interface\{042C7AAC-BD4A-4450-AA0C-AAC3A30CA19E} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{8821A59C-A115-430b-9F0D-089DB4F8B7F3} (PUP.ChinAd) -> No action taken.
    HKCR\TypeLib\{8821A59B-A115-430b-9F0D-089DB4F8B7F3} (PUP.ChinAd) -> No action taken.
    HKCR\Interface\{8821A59A-A115-430B-9F0D-089DB4F8B7F3} (PUP.ChinAd) -> No action taken.
    HKCR\HZP.ReliPlayer.CCTV.1 (PUP.ChinAd) -> No action taken.
    HKCR\HZP.ReliPlayer.CCTV (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{0583926D-C114-4605-8DF3-770402F50E61} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{945E37E3-156F-4757-AA1F-CBA338DDFBE9} (PUP.ChinAd) -> No action taken.
    HKCR\TypeLib\{754EFA30-C752-4F45-8890-6250A53FD512} (PUP.ChinAd) -> No action taken.
    HKCR\Interface\{770B88B4-DCD8-4857-8E82-62C650F58545} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{48CF8992-4161-49D6-9A9B-F1FDB3BAE74D} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{17413BA0-0160-4C1F-BA66-679436BCA89B} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{28966B43-B5D0-4694-9E79-F5B4099F02D4} (PUP.ChinAd) -> No action taken.
    HKCR\TypeLib\{41E77C38-9383-404C-BC49-EDF2AEA4E163} (PUP.ChinAd) -> No action taken.
    HKCR\Interface\{B9587E96-9349-4F58-A7D5-77E53811BDFD} (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B} (PUP.ChinAd) -> No action taken.
    HKCR\TypeLib\{BC85539C-48EA-4222-B6EE-8DA6897175DA} (PUP.ChinAd) -> No action taken.
    HKCR\Interface\{03536919-5F7D-4506-80DF-144C74CB5B45} (PUP.ChinAd) -> No action taken.
    HKCR\UUUPGRADE.UUUpgradeCtrl.1 (PUP.ChinAd) -> No action taken.
    HKCR\CLSID\{1185448F-CD61-4FD0-A728-F62407D354AA} (PUP.ChinAd) -> No action taken.
    HKCR\TypeLib\{34A24C1F-46A0-46B1-92C9-210132D85E60} (PUP.ChinAd) -> No action taken.
    HKCR\Interface\{263BE21D-D834-4971-8097-1F5954995C18} (PUP.ChinAd) -> No action taken.
    HKCR\CrossriderApp0005058.BHO (PUP.CrossFire.Gen) -> No action taken.
    HKCR\CrossriderApp0005058.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
    HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> No action taken.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 5
    C:\Program Files (x86)\Common Files\uusee (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUSEETemp (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUSEETemp\UUPlayer_2010_update (PUP.ChinAd) -> No action taken.

    Files Detected: 72
    C:\Program Files (x86)\Common Files\uusee\check_cmd.exe (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\out_mmshttp.dll (PUP.ChinAd) -> No action taken.
    C:\Users\Steve Patane\Desktop\HiJackThis\backups\backup-20120821-213554-412.dll (PUP.215Apps) -> No action taken.
    C:\Users\Steve Patane\Desktop\Trend Micro\HiJackThis\backups\backup-20120821-213554-412.dll (PUP.215Apps) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUUpgrade.ini (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\b_taobao.ico (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\CCTVPlayer.ocx (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\CCTVUpdateInstall.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\CoCode.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\download.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\ENet.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\EnetDep.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\EnetDepNee.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\flvad.xml (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\flvad.xml.dat (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\flvads.xml (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\flvads.xml.dat (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\in_net.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\kumidesktop.ico (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\LocalInfo.ini (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\MediaCenter.ini (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Microsoft.VC90.CRT.manifest (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\mp4demux.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\msvcp90.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\msvcr90.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\npuuseep.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\recommend.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Reli_CCTV.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\rmsp011.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\seeplayer.ocx (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\trafficlight.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UFDeMux.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UFSource.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Update_Data.ini (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\updll.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUNet.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUPlayer.exe (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUPlayer.ocx (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUPlayer_2010_path.ini (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUSeeMediaCenter.exe (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUUpgrade.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUUpgrade.exe (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUUpgrade.ocx (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\UUWebPlayer.ocx (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\videoAccDll.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\cook.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\CoreAAC.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\CoreAVC.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\drvc.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\L3CODECX.AX (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\mkvSplitter.ax (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\msvcr71.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\pncrt.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\Codecs\raac.dll (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\bf_bg.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\local.htm (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin1_bufferbar.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin1_bufferbg0.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin1_bufferbg1.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_fullscreen.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_mute.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_pause.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_play.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_qback.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_qnext.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_share.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_stop.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_volume.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_volumebar.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_volumebarbg.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\skin_volumebarbg2.gif (PUP.ChinAd) -> No action taken.
    C:\Program Files (x86)\Common Files\uusee\review\Thumbs.db (PUP.ChinAd) -> No action taken.

    (end)

  2. #2
    Member Spyware Fighter zep516
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301


    Hi CIBInc,
    I'll get you started; our expert will follow through.

    Is there a reason you posted the log from Safe Mode with Networking? Also, you did not take any action using Malwarebytes (see where it says "No Action Taken"). Was there a reason for that?

    Next
    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE

    Joe

  3. #3
    Member
    Join Date
    Sep 2012
    Posts
    7
    Points
    0


    Hi Joe:

    I ran in safe mode simply because I thought it would be wiser. I'm not sure if it matters, but that was my thinking. Regarding the Malwarebytes log saying no action taken, I must have copied the wrong log. I did remove what was detected. I'll re-run again if you feel I should? I'll put the logs you requested below. I greatly appreciate your time.



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_35
    Run by Steve Patane at 11:49:52 on 2012-09-09
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4087.1769 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\UnHackMe\hackmon.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\SysWOW64\Ctxfihlp.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\SysWOW64\CTXFISPI.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = https://agencygateway1.allstate.com/...waysplash.html
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
    mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    mRun: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files (x86)\uusee\UUSeePlayer.exe
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{4CD4DCAA-E482-4001-B7BD-706B3EAD8263} : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{FB3C7BEE-8FD3-46B7-88B5-57934932A6CB} : DhcpNameServer = 192.168.2.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
    mRun-x64: [Smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
    mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    mRun-x64: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    mRun-x64: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    IE-X64: {998A88A0-A355-809B-831C-B83A80000992} - C:\Program Files (x86)\uusee\UUSeePlayer.exe
    IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Steve Patane\AppData\Roaming\Mozilla\Firefox\Profiles\q6kmy9pz.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2818425&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - XFINITY by Comcast -- Official Customer Site | Email | Watch TV Online
    FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npuuseep.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
    FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Steve Patane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Steve Patane\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
    FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
    FF - user.js: browser.sessionstore.resume_from_crash - false
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-20 655944]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
    R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
    R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
    R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
    R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-6-12 1262400]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 250568]
    S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\Windows\system32\DRIVERS\BrSerIb.sys --> C:\Windows\system32\DRIVERS\BrSerIb.sys [?]
    S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\Windows\system32\DRIVERS\BrUsbSIb.sys --> C:\Windows\system32\DRIVERS\BrUsbSIb.sys [?]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-4-7 79360]
    S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
    S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
    S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-8 114144]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-09-09 13:33:01 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
    2012-09-09 13:31:23 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DF52D28-5171-4A06-95E0-F1878CB80575}\mpengine.dll
    2012-09-09 13:22:14 9310152 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-09-09 13:18:22 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{9CFD5FD5-A97B-450D-92BE-F3BB8841DF8A}
    2012-09-09 02:27:13 -------- d-----w- C:\Users\Steve Patane\AppData\Roaming\SUPERAntiSpyware.com
    2012-09-09 02:27:00 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2012-09-09 02:27:00 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2012-09-08 02:07:57 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{AD6A2072-09E6-4CE3-B8D2-B34B49A4AFC3}
    2012-09-06 01:21:39 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A316561D-2671-4070-81BD-2A045E3B32B4}
    2012-09-01 01:08:34 -------- d-----w- C:\Users\Steve Patane\AppData\Roaming\wargaming.net
    2012-08-31 22:01:49 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{04FA4435-0D31-4662-9490-0499C2472351}
    2012-08-28 01:14:16 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{2353CAB0-36FD-4978-A9AF-9A83F807ADF7}
    2012-08-27 02:06:40 208216 ----a-w- C:\Windows\System32\drivers\86675615.sys
    2012-08-26 14:42:01 -------- d-----w- C:\MGADiagToolOutput
    2012-08-25 01:48:51 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{12138E30-F7D0-4F61-8C9C-DDBB591EDAE8}
    2012-08-24 02:18:26 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A21C7AED-A101-446C-ADEC-10F09314BB4C}
    2012-08-23 22:44:28 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{D1DADFEF-B343-4DC6-A86A-D496E7BF1CB7}
    2012-08-23 03:28:18 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{E1500331-0D66-4A95-A93C-A025FC2A338B}
    2012-08-22 22:36:43 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{524F25FA-E023-41C8-9E7E-4197D81D5CB1}
    2012-08-22 01:43:29 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{8D25DCAC-0801-4CAA-ACAC-E5E85B5BB2B4}
    2012-08-19 14:15:23 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{7DA8F3F1-883D-40C8-B9F2-A1F77A47524D}
    2012-08-18 23:45:49 -------- d-----w- C:\Users\Steve Patane\fontconfig
    2012-08-18 23:32:19 -------- d-----w- C:\Users\Steve Patane\AppData\Local\Google
    2012-08-18 23:31:34 -------- d-----w- C:\Program Files (x86)\OApps
    2012-08-18 23:30:20 -------- d-----w- C:\Users\Steve Patane\.smplayer
    2012-08-18 23:30:00 -------- d-----w- C:\Program Files (x86)\SMPlayer
    2012-08-18 12:20:42 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{9685425B-8ED4-40EE-BF5C-AE1AE4C474CB}
    2012-08-18 12:20:31 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{679855D8-1127-4860-93BC-8A550E095B75}
    2012-08-16 07:08:10 552448 ----a-w- C:\Windows\System32\drivers\bthport.sys
    2012-08-16 01:02:13 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{5FF4BA11-B6E5-4435-A993-30AB2BFC9F34}
    2012-08-15 22:13:40 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{F40A586B-B9D8-4B27-A529-54BFD2A1B213}
    2012-08-15 22:13:26 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{EDDD776A-FD20-4AF0-829A-958E42A2348A}
    2012-08-15 01:55:27 -------- d-----w- C:\Users\Steve Patane\AppData\Local\CrashDumps
    2012-08-14 00:12:07 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{70545CAD-FF7C-42E6-A48C-543D63BE84AA}
    2012-08-14 00:11:56 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{398B2BD4-65DE-4680-9F9A-8EA68CC7F69D}
    2012-08-13 03:05:41 -------- d-----w- C:\Program Files (x86)\MediaFire
    2012-08-13 00:56:26 -------- d-----w- C:\Users\Steve Patane\AppData\Roaming\YourFileDownloader
    2012-08-12 23:03:49 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{532B13E5-FD20-4006-AA98-845EB341207D}
    2012-08-12 23:03:37 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{A1C1BFC5-34C4-4115-991E-D96A6B522F43}
    2012-08-12 00:49:32 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{51F7A13C-6825-47C7-867E-3D9344BCC39F}
    2012-08-12 00:49:21 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{E085198F-122E-4520-96BC-4DB70FA0E5F3}
    2012-08-11 22:06:59 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{9FA4CBDC-453E-4C26-845C-9596B7960AB2}
    2012-08-11 13:11:36 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{43A6AE59-EDB6-4768-94A8-EA9E74746B43}
    2012-08-11 03:04:43 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{4D84AB6B-A160-4399-BF9B-F0B9640A4374}
    2012-08-11 00:52:26 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{D0B45F09-F209-46AC-87EA-B1B2560D0F07}
    2012-08-10 23:51:20 -------- d-----w- C:\Users\Steve Patane\AppData\Local\{FDA01BAD-D8F1-487F-9030-2E025DCE9460}
    .
    ==================== Find3M ====================
    .
    2012-09-09 13:32:46 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-09-09 13:25:29 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-09-09 13:25:29 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-18 17:31:12 3146752 ----a-w- C:\Windows\System32\win32k.sys
    2012-07-04 22:01:38 58880 ----a-w- C:\Windows\System32\browcli.dll
    2012-07-04 22:01:38 136704 ----a-w- C:\Windows\System32\browser.dll
    2012-07-04 21:23:55 41472 ----a-w- C:\Windows\SysWow64\browcli.dll
    2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-06-27 07:03:25 1197568 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-27 06:59:12 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2012-06-27 06:03:21 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-27 06:01:19 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2012-06-27 05:41:43 482816 ----a-w- C:\Windows\System32\html.iec
    2012-06-27 04:58:58 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-27 04:53:25 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2012-06-27 04:19:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-06-16 05:25:51 609792 ----a-w- C:\Windows\System32\vbscript.dll
    2012-06-16 04:37:51 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
    .
    ============= FINISH: 11:52:26.71 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/6/2011 11:38:19 PM
    System Uptime: 9/9/2012 9:19:49 AM (2 hours ago)
    .
    Motherboard: EVGA | | EVGA P55 SLI E655
    Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz | CPU 1 | 2668/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 345.943 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is CDROM ()
    G: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP600: 8/25/2012 9:27:36 AM - Windows Update
    RP601: 8/28/2012 1:25:37 PM - Windows Update
    RP602: 8/31/2012 8:53:10 PM - Windows Update
    RP603: 9/4/2012 8:32:00 AM - Windows Update
    RP604: 9/7/2012 10:14:36 PM - Windows Update
    RP605: 9/9/2012 9:26:59 AM - Installed Java(TM) 6 Update 35
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.4)
    Adobe Shockwave Player 11.6
    Battlefield 2(TM)
    Battlefield: Bad Company™ 2
    Brother MFL-Pro Suite
    CloneCD
    Creative Audio Control Panel
    Creative Software AutoUpdate
    Creative Sound Blaster Properties x64 Edition
    D3DX10
    DAEMON Tools Pro
    Facebook Video Calling 1.2.0.159
    GIMP 2.6.11
    IsoBuster 2.8.5
    Java Auto Updater
    Java(TM) 6 Update 35
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.62.0.1300
    Mass Effect 2
    Max Media Creator
    MaxDrive PS2
    MediaFireDownloader
    Mesh Runtime
    Messenger Companion
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft VC9 runtime libraries
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 15.0 (x86 en-US)
    Mozilla Firefox 15.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    NHL 2004
    NVIDIA 3D Vision Controller Driver
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    Octoshape Streaming Services
    OpenAL
    Pro Evolution Soccer 2011
    Pro Evolution Soccer 2013 DEMO
    PunkBuster Services
    Revo Uninstaller 1.93
    Rugby Challenge
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Shockwave
    Skype Click to Call
    Skype™ 5.10
    Smart File Advisor 1.1.1
    SMPlayer 0.6.9
    SopCast 3.5.0
    StreamTorrent 1.0
    swMSM
    The Last Starfighter
    UnHackMe 5.99 release
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Veetle TV 0.9.18
    VideoFileDownload
    VirtualCloneDrive
    VLC media player 1.1.8
    vShare.tv plugin 1.3
    Vuze
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Wrestling MPire 2008 (Career Edition)
    XtremeTuner HD
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    Zip Motion Block Video codec (Remove Only)
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/9/2012 9:22:46 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    9/9/2012 9:22:46 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
    9/9/2012 9:20:42 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Partizan
    9/9/2012 9:18:22 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    9/9/2012 2:03:25 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.762.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
    9/9/2012 1:55:40 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.762.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
    9/9/2012 1:55:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    9/8/2012 9:59:49 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
    9/8/2012 9:56:54 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    9/8/2012 9:56:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    9/8/2012 9:56:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    9/8/2012 9:56:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    9/8/2012 9:56:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    9/8/2012 9:54:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ElbyCDIO MpFilter Partizan spldr sptd Wanarpv6
    9/8/2012 9:54:52 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
    9/8/2012 9:54:15 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
    9/8/2012 11:32:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service SkypeUpdate with arguments "/ComService" in order to run the server: {CC957078-B838-47C4-A7CF-626E7A82FC58}
    .
    ==== End Of File ===========================

  4. #4
    Member
    Join Date
    Sep 2012
    Posts
    7
    Points
    0

    Default

    Joe:

    Just to let you know I ran Malwarebytes again and it came up clean, so I must have taken action. Any further help is appreciated. Hope you had a good weekend.

  5. #5
    Member Spyware Fighter zep516
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    OK. What browser are the pop-ups occurring in?

    Joe
    Last edited by zep516; 09-10-2012 at 07:57 PM.

  6. #6
    Member
    Join Date
    Sep 2012
    Posts
    7
    Points
    0

    Default

    Joe:

    Mozilla Firefox

  7. #7
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Try uninstalling and reinstalling Firefox to see if that fixes the problem. In most cases, if it is just in Firefox after the infection has been removed, a reinstall will take care of the redirects. We are seeing this more and more with this type of infection. The key is that the infection has been removed first.
    Last edited by fireman4it; 09-10-2012 at 08:00 PM. Reason: Grammar
    " Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  8. #8
    Member
    Join Date
    Sep 2012
    Posts
    7
    Points
    0

    Default

    I removed or uninstalled Firefox and rebooted, but I still receive the pop-up. I did, however, keep my favorites with Firefox when I was asked at the uninstall screen. Do you think that, since I kept some of my personal files or favorites on the toolbar, that caused it to still happen? Any thoughts?

  9. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Yes, please uninstall again and make sure to let it delete everything. Are you connected to the internet through a router? Then we probably need to reset that router also.

    How to reset your router.




  10. #10
    Member
    Join Date
    Sep 2012
    Posts
    7
    Points
    0

    Default

    Hi,

    I removed everything this time and that seemed to do the trick. I'm using a NAT device for my VoIP phone, which I guess acts like a router. I'm running another scan with SUPERAntiSpyware and Malwarebytes. I didn't reset the router. Thanks.
