Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Scan shows Trojan:Win32/Dynamer!ac after removal, should I be worried
Message
<blockquote data-quote="Deb W" data-source="post: 410938" data-attributes="member: 38137"><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015</p><p>Ran by Clare (administrator) on CLARE-HP on 15-07-2015 08:12:22</p><p>Running from C:\Users\Clare\Downloads</p><p>Loaded Profiles: Clare (Available Profiles: Clare)</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: IE)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe</p><p>(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe</p><p>(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe</p><p>(Microsoft Corporation) C:\Windows\System32\wlanext.exe</p><p>(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe</p><p>(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe</p><p>(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe</p><p>() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe</p><p>() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTHIDMonitor.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe</p><p>(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe</p><p>() C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTHIDMonitor.exe</p><p>(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe</p><p>(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe</p><p>(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(Microsoft Corporation) C:\Windows\System32\rundll32.exe</p><p>(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe</p><p>() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe</p><p>(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe</p><p>(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe</p><p>(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe</p><p>(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE</p><p>() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE</p><p>(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE</p><p>(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE</p><p>(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe</p><p>(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_203_ActiveX.exe</p><p>(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2814760 2011-07-15] (Synaptics Incorporated)</p><p>HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp</p><p>HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-08-16] (IDT, Inc.)</p><p>HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)</p><p>HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)</p><p>HKLM-x32\...\Run: [] => [X]</p><p>HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-09-02] (Hewlett-Packard Company)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-29] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)</p><p>HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)</p><p>HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-3932922777-2025855083-975216904-1000\...\MountPoints2: {e9c38588-d2fd-11e2-ab42-101f74692e53} - G:\menu.exe</p><p>BootExecute: autocheck autochk * bootdelete</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>HKU\S-1-5-21-3932922777-2025855083-975216904-1000\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="http://www.yahoo.com/?fr=fp-yie10" target="_blank">http://www.yahoo.com/?fr=fp-yie10</a></p><p>HKU\S-1-5-21-3932922777-2025855083-975216904-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = <a href="http://www.yahoo.com/?fr=fp-yie10" target="_blank">http://www.yahoo.com/?fr=fp-yie10</a></p><p>SearchScopes: HKLM -> {6DDDF6FB-19BD-4C73-A910-A5EE0B6C2A0E} URL = <a href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}</a></p><p>SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = <a href="http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}" target="_blank">http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}</a></p><p>SearchScopes: HKLM-x32 -> {6DDDF6FB-19BD-4C73-A910-A5EE0B6C2A0E} URL = <a href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}</a></p><p>SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = <a href="http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}" target="_blank">http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}</a></p><p>SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = <a href="http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}" target="_blank">http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}</a></p><p>SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> DefaultScope {A4388772-E100-4E65-A49C-16BB33FE1382} URL = <a href="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10" target="_blank">http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10</a></p><p>SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {0AB720ED-6F09-41B4-BB55-8254C0894EE5} URL = <a href="http://delicious.com/search?p={searchTerms}" target="_blank">http://delicious.com/search?p={searchTerms}</a></p><p>SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {6DDDF6FB-19BD-4C73-A910-A5EE0B6C2A0E} URL = <a href="http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" target="_blank">http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link_code=qs&index=aps&field-keywords={searchTerms}</a></p><p>SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {A4388772-E100-4E65-A49C-16BB33FE1382} URL = <a href="http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10" target="_blank">http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10</a></p><p>SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {AFF738DD-F7F1-4E2D-B870-F3819955D8F2} URL = <a href="http://www.flickr.com/search/?q={searchTerms}" target="_blank">http://www.flickr.com/search/?q={searchTerms}</a></p><p>SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = <a href="http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}" target="_blank">http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}</a></p><p>BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)</p><p>BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP)</p><p>BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)</p><p>BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-18] (Google Inc.)</p><p>BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)</p><p>BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)</p><p>BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP)</p><p>BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)</p><p>BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-18] (Google Inc.)</p><p>BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)</p><p>Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-18] (Google Inc.)</p><p>Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-18] (Google Inc.)</p><p>Toolbar: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File</p><p>Tcpip\Parameters: [DhcpNameServer] 66.51.191.140 8.8.8.8 192.168.1.1</p><p>Tcpip\..\Interfaces\{622127AE-CF16-4844-BB33-982C55D59E97}: [DhcpNameServer] 192.168.2.1</p><p>Tcpip\..\Interfaces\{7C72B34D-7A55-4AE0-9C3B-D514A9488EAA}: [DhcpNameServer] 66.51.191.140 8.8.8.8 192.168.1.1</p><p>Tcpip\..\Interfaces\{D7EC41BE-376B-47BC-955A-8A152A5A657B}: [DhcpNameServer] 192.168.254.254 192.168.254.254</p></blockquote><p></p>
[QUOTE="Deb W, post: 410938, member: 38137"] Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015 Ran by Clare (administrator) on CLARE-HP on 15-07-2015 08:12:22 Running from C:\Users\Clare\Downloads Loaded Profiles: Clare (Available Profiles: Clare) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe () C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe () C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTHIDMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe () C:\Program Files (x86)\Intel\Intel(R) Smart Connect Technology Agent\iSCTHIDMonitor.exe (HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_203_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2814760 2011-07-15] (Synaptics Incorporated) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-08-16] (IDT, Inc.) HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-09-02] (Hewlett-Packard Company) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-29] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3932922777-2025855083-975216904-1000\...\MountPoints2: {e9c38588-d2fd-11e2-ab42-101f74692e53} - G:\menu.exe BootExecute: autocheck autochk * bootdelete ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3932922777-2025855083-975216904-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [URL]http://www.yahoo.com/?fr=fp-yie10[/URL] HKU\S-1-5-21-3932922777-2025855083-975216904-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL]http://www.yahoo.com/?fr=fp-yie10[/URL] SearchScopes: HKLM -> {6DDDF6FB-19BD-4C73-A910-A5EE0B6C2A0E} URL = [URL]http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}[/URL] SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = [URL]http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}[/URL] SearchScopes: HKLM-x32 -> {6DDDF6FB-19BD-4C73-A910-A5EE0B6C2A0E} URL = [URL]http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}[/URL] SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = [URL]http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}[/URL] SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = [URL]http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}[/URL] SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> DefaultScope {A4388772-E100-4E65-A49C-16BB33FE1382} URL = [URL]http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10[/URL] SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {0AB720ED-6F09-41B4-BB55-8254C0894EE5} URL = [URL]http://delicious.com/search?p={searchTerms}[/URL] SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {6DDDF6FB-19BD-4C73-A910-A5EE0B6C2A0E} URL = [URL]http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}[/URL] SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {A4388772-E100-4E65-A49C-16BB33FE1382} URL = [URL]http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie10[/URL] SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {AFF738DD-F7F1-4E2D-B870-F3819955D8F2} URL = [URL]http://www.flickr.com/search/?q={searchTerms}[/URL] SearchScopes: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = [URL]http://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}[/URL] BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-18] (Google Inc.) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-18] (Google Inc.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-18] (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-18] (Google Inc.) Toolbar: HKU\S-1-5-21-3932922777-2025855083-975216904-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Tcpip\Parameters: [DhcpNameServer] 66.51.191.140 8.8.8.8 192.168.1.1 Tcpip\..\Interfaces\{622127AE-CF16-4844-BB33-982C55D59E97}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{7C72B34D-7A55-4AE0-9C3B-D514A9488EAA}: [DhcpNameServer] 66.51.191.140 8.8.8.8 192.168.1.1 Tcpip\..\Interfaces\{D7EC41BE-376B-47BC-955A-8A152A5A657B}: [DhcpNameServer] 192.168.254.254 192.168.254.254 [/QUOTE]
Insert quotes…
Verification
Post reply
Top