Incredibar removal - help please


.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Bill at 22:52:21 on 2012-08-08

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1919.564 [GMT 9.5:30]

.

AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Olympus\DSSPlayerPro\Notification.exe

C:\Program Files\Olympus\DSSPlayerPro\UpdateManager.exe

C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Innovative Solutions\System Tray Cleaner\stc.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe

C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

C:\Program Files\Olympus\DeviceDetector\DeviceDetector4.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Squeezebox\SqueezeTray.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Users\Bill\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

C:\PROGRA~1\SQUEEZ~1\server\SQUEEZ~3.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\hh.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.au/

uURLSearchHooks: H - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [sTC] "c:\program files\innovative solutions\system tray cleaner\stc.exe" -startup

uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\drivermax.exe" -agent

uRun: [DriverMax_RESTART]

uRun: [<NO NAME>]

uRun: [NokiaSuite.exe] c:\program files\nokia\nokia suite\NokiaSuite.exe -tray

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [Olympus Notification] c:\program files\olympus\dssplayerpro\Notification.exe

mRun: [Olympus DSS UpdateManager] "c:\program files\olympus\dssplayerpro\UpdateManager.exe"

mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe

mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Cmaudiow] RunDll32 cmcnfgw.cpl,CMICtrlWnd

mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\bill\appdata\roaming\micros~1\windows\startm~1\programs\startup\cnette~1.lnk - c:\users\bill\appdata\roaming\cbs interactive\cnet techtracker\TechTracker.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\device~1.lnk - c:\program files\olympus\devicedetector\DeviceDetector4.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\direct~1.lnk - c:\program files\olympus\directrecconfig\DirectrecConfigurationTool.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\squeezebox\SqueezeTray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{17548F06-B1D9-49AF-A597-080BA1655230} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{17548F06-B1D9-49AF-A597-080BA1655230}\1465F4E4D4F42554 : DhcpNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\bill\appdata\roaming\mozilla\firefox\profiles\jl2nryht.default\

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll

FF - plugin: c:\users\bill\appdata\roaming\mozilla\firefox\profiles\jl2nryht.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll

FF - plugin: c:\users\bill\appdata\roaming\mozilla\firefox\profiles\jl2nryht.default\extensions\maps@ovi.com\plugins\npNMapNPRresources.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npmproxy.dll

FF - plugin: c:\windows\system32\wat\npWatWeb.dll

.

============= SERVICES / DRIVERS ===============

.

R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2010-2-11 57112]

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 171064]

R1 MpKslb66a1ee9;MpKslb66a1ee9;c:\programdata\microsoft\microsoft antimalware\definition updates\{eb0fa2e4-505c-4b3a-a015-29c4ba2ffe47}\MpKslb66a1ee9.sys [2012-8-8 29904]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-8 655944]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-11-7 632792]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136]

R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]

R3 cmvad;C-Media Wi-Sonic Wireless Audio Interface;c:\windows\system32\drivers\cmudaxv.sys [2011-7-24 1361024]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-8 22344]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-8-8 40776]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-8 136176]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-2-24 2348352]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 DLKRT32;D-Link DGE-528T Gigabit Ethernet Adapter Driver;c:\windows\system32\drivers\DLKRT32.sys [2011-8-28 167936]

S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011-12-17 23456]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-8 136176]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-3-18 114144]

S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 74112]

S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]

S3 Olympus DVR Service;Olympus DVR Service;c:\program files\common files\olympus shared\devicemanager\olydvrsv.exe [2011-2-24 176128]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-9 52224]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-17 1343400]

.

=============== Created Last 30 ================

.

2012-08-08 13:02:13 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eb0fa2e4-505c-4b3a-a015-29c4ba2ffe47}\offreg.dll

2012-08-08 13:02:13 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eb0fa2e4-505c-4b3a-a015-29c4ba2ffe47}\MpKslb66a1ee9.sys

2012-08-08 09:08:56 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-08-08 09:08:56 -------- d-----w- c:\users\bill\appdata\roaming\Malwarebytes

2012-08-08 09:08:43 -------- d-----w- c:\programdata\Malwarebytes

2012-08-08 09:08:41 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-08 09:08:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-08 08:55:03 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll

2012-08-08 08:55:03 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2012-08-08 08:55:03 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2012-08-08 08:55:03 18912 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll

2012-08-08 08:55:02 917984 ----a-w- c:\program files\mozilla firefox\firefox.exe

2012-08-08 08:55:02 82400 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2012-08-08 08:55:02 258528 ----a-w- c:\program files\mozilla firefox\freebl3.dll

2012-08-08 08:55:02 2290144 ----a-w- c:\program files\mozilla firefox\gkmedias.dll

2012-08-08 08:55:02 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2012-08-08 08:55:02 118240 ----a-w- c:\program files\mozilla firefox\crashreporter.exe

2012-08-08 08:55:01 425952 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2012-08-08 08:55:01 114144 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe

2012-08-08 08:38:15 6762896 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eb0fa2e4-505c-4b3a-a015-29c4ba2ffe47}\mpengine.dll

2012-08-07 14:44:34 -------- d-----w- C:\sh4ldr

2012-08-07 14:44:34 -------- d-----w- c:\program files\Enigma Software Group

2012-08-07 13:37:47 -------- d-----w- c:\users\bill\appdata\local\VS Revo Group

2012-08-07 13:37:37 -------- d-----w- c:\program files\VS Revo Group

2012-08-07 13:09:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-08-07 13:09:13 -------- d-----w- c:\program files\Spybot - Search & Destroy

2012-07-29 15:39:33 -------- d-----w- c:\program files\Minibar

2012-07-29 15:39:31 -------- d-----w- c:\program files\Free YouTube Downloader DB Toolbar

2012-07-16 18:10:23 6762896 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-07-11 17:32:20 2345984 ----a-w- c:\windows\system32\win32k.sys

.

==================== Find3M ====================

.

2012-08-08 08:48:32 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-08-08 08:48:32 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll

2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 05:49:42 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 05:42:20 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll

.

============= FINISH: 22:53:13.97 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 11/02/2010 12:16:18 AM

System Uptime: 8/08/2012 6:07:46 PM (4 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | M61PME-S2P

Processor: AMD Athlon 7750 Dual-Core Processor | Socket M2 | 1377/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 397 GiB total, 262.79 GiB free.

D: is CDROM (UDF)

E: is FIXED (NTFS) - 534 GiB total, 394.813 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart Prem C410 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart Prem C410 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

==== System Restore Points ===================

.

RP609: 26/07/2012 1:47:30 PM - Windows Update

RP610: 30/07/2012 2:19:03 AM - Windows Update

RP611: 2/08/2012 1:47:52 PM - Windows Update

RP612: 6/08/2012 2:19:05 AM - Windows Update

RP614: 7/08/2012 10:21:53 PM - After installing Advanced Uninstaller PRO

RP616: 7/08/2012 11:16:07 PM - Revo Uninstaller Pro's restore point -

RP618: 7/08/2012 11:16:53 PM - Revo Uninstaller Pro's restore point -

RP619: 7/08/2012 11:48:34 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.

RP620: 7/08/2012 11:54:29 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.

RP621: 8/08/2012 12:14:09 AM - Installed SpyHunter

RP622: 8/08/2012 6:01:29 PM - Restore Operation

RP623: 8/08/2012 6:25:47 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

@BIOS

32 Bit HP CIO Components Installer

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

Advanced Uninstaller Free - Version 10

Advanced Uninstaller PRO - Version 10

Apple Application Support

Apple Software Update

BufferChm

C-Media Wi-Sonic Wireless Audio Driver

C410

CameraHelperMsi

CCleaner

CNET TechTracker

Destinations

DeviceDiscovery

DGE-528T Ethernet Controller Driver For Windows 7

DocProc

DriverMax 6

EasyBCD 2.1

EndNote X5

erLT

Fax

Free YouTube Downloader 3.3.113

Google Earth

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

HP Imaging Device Functions 14.0

HP Media Vault

HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPAppStudio

HPDiagnosticAlert

HPPhotoGadget

HPProductAssistant

Image Resizer Powertoy Clone for Windows

Individual Centile Calculator 5.16 for Australia

Java Auto Updater

Java 7 Update 5

JavaFX 2.1.1

KLS Mail Backup 1.9.7.8

Logitech Media Server 7.7.2

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS VideoEffects

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft Calculator Plus

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft_VC100_CRT_SP1_x86

Moneysoft Money Manager

Moneysoft Money Manager 6 Business Edition

MozBackup 1.5.1

Mozilla Firefox 15.0 (x86 en-GB)

Mozilla Maintenance Service

Mozilla Thunderbird 14.0 (x86 en-GB)

MSVC80_x86_v2

MSVC90_x86

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Network

Nokia Connectivity Cable Driver

Nokia Suite

NokiaFREE Unlock Codes Calculator

NoteWorthy Composer 2

NTI DriveBackup! 4

NTI Shadow 3

NVIDIA 3D Vision Controller Driver

NVIDIA 3D Vision Controller Driver 296.10

NVIDIA Control Panel 296.10

NVIDIA Drivers

NVIDIA Graphics Driver 296.10

NVIDIA Install Application

NVIDIA Update 1.7.11

NVIDIA Update Components

OCR Software by I.R.I.S. 14.0

OGA Notifier 2.0.0048.0

Olympus DSS Player Pro

Olympus Manager Tool

Paragon Backup & Recovery™ 2011 (Advanced) Free

Paragon Drive Backup™ 9 Professional

Paragon System Upgrade Utilities™ 2010 Suite

PC Connectivity Solution

PS - Power and Sample Size Calculation

PS_AIO_07_C410_SW_Min

QuickTime

QuickTransfer

Realtek High Definition Audio Driver

Registry Mechanic 10.0

ResearchSoft Direct Export Helper

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Skype Click to Call

Skype™ 5.8

SmartWebPrinting

SolutionCenter

Speccy

Status

swMSM

System Requirements Lab

System Tray Cleaner 3

Toolbox

TrayApp

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

WebReg

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Media Player Firefox Plugin

WinRAR 4.00 (32-bit)

.

==== Event Viewer Messages From Past Week ========

.

8/08/2012 6:27:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.131.1607.0).

8/08/2012 6:26:51 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.131.1607.0 Previous Signature Version: 1.131.70.0 Update Source: User Update Stage: Install Source Path: Signature Type: AntiVirus Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.8502.0 Previous Engine Version: 1.1.8601.0 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

8/08/2012 6:26:51 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: 1.131.1607.0 Previous Signature Version: 1.131.70.0 Update Source: User Update Stage: Install Source Path: Signature Type: AntiSpyware Update Type: Delta User: NT AUTHORITY\SYSTEM Current Engine Version: 1.1.8502.0 Previous Engine Version: 1.1.8601.0 Error code: 0x80070666 Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

8/08/2012 6:26:51 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.70.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070643 Error description: Fatal error during installation.

8/08/2012 6:10:35 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

8/08/2012 6:10:35 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173.

8/08/2012 6:10:28 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

8/08/2012 6:10:28 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.

8/08/2012 6:08:15 PM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.131.70.0;1.131.70.0 Engine version: 1.1.8601.0

7/08/2012 11:55:43 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the szserver service.

6/08/2012 10:23:47 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


# AdwCleaner v1.800 - Logfile created 08/09/2012 at 10:12:02

# Updated 01/08/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Bill - NEW

# Running from : C:\Users\Bill\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files\Minibar

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2117678

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\Zugo

Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Found : HKLM\SOFTWARE\Conduit

Key Found : HKLM\SOFTWARE\Software

Key Found : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-GB)

Profile name : default

File : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\jl2nryht.default\prefs.js

[OK] File is clean.

Profile name : default

File : C:\Users\Ros\AppData\Roaming\Mozilla\Firefox\Profiles\as2m0qn0.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1875 octets] - [09/08/2012 10:12:02]

########## EOF - C:\AdwCleaner[R1].txt - [2003 octets] ##########


  • Staff

Hi,

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.


# AdwCleaner v1.800 - Logfile created 08/13/2012 at 21:47:15

# Updated 01/08/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Bill - NEW

# Running from : C:\Users\Bill\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Minibar

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Zugo

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\Software

Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-GB)

Profile name : default

File : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\jl2nryht.default\prefs.js

[OK] File is clean.

Profile name : default

File : C:\Users\Ros\AppData\Roaming\Mozilla\Firefox\Profiles\as2m0qn0.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2004 octets] - [09/08/2012 10:12:02]

AdwCleaner[s1].txt - [1967 octets] - [13/08/2012 21:47:15]

########## EOF - C:\AdwCleaner[s1].txt - [2095 octets] ##########


Thanks so much, Chris: the browser hijack seems to have been resolved for both Firefox and IE.

Could you perhaps explain what happened and summarise what we did with the software?

I see that there was a folder called Minibar, which we have now cleared: how did you know that was the source of the problem?

Should I have been able to work it out from first principles?

BTW, when I was trying to update Microsoft Security Essentials definitions yesterday after doing the adwarecleaner stuff, it kept baulking partway through the download/install process, with a message about failed internet connection (which was working perfectly!).

After searching on the MS website, it was suggested that there might be a conflict with other malware security software, so I uninstalled Malwarebytes, and hey presto!, the problem disappeared.

I am now not sure what to do! Do I reinstall Malwarebytes?

Should I ask this question in another forum?

Finally, I was puzzled that, although I thought I had set Malwarebytes to inform me by email when there was a message about the topic I was interested in, ie this one!, I never had any notifications and always had to go to the website.

Your comments? Should I also ask this question in another forum?

Cheers

Bill


  • Staff

Hi Bill,

The tool we used looks for a lot of common adware/annoyances, including the one(s) you were experiencing.

You can set exclusion settings so that MBAM and MSE play nice with each other. See our guide here:

http://forums.malwarebytes.org/index.php?showtopic=10138&view=findpost&p=181018

Unfortunately e-mail notifications are shaky for me as well and don't work right all the time. I'll poke our IT team and see if they see anything wrong. :)

Let me know if there's anything else I can do for you.


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.