-
Browsers Hijacked and HijackThis unable to remove entries
Turned out my log post is too long and I got a message "The text that you have entered is too long (74756 characters). Please shorten it to 64000 characters long."
I have pasted the entire content of my original post into a zipped txt file similar to the requested attach.txt. I hope this is an accepted workaround to posting lengthy items. Please accept my apology if I have overlooked a FAQ instruction.
-
just occurred to me that I can break up the post into two posts.
Hi, I am new. I recently installed a software from a suspicious, something that I should have known better and now I am stuck with a hijacked browser with modified tab and an infection that won't allow to be fixed using HijackThis. Looking forward to any expert guidance and assistance.
As instructed by the FAQ, here is the content of my DDS.txt
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_37
Run by HP at 18:44:23 on 2012-12-29
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.65.1033.18.3894.1794 [GMT 8:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Users\HP\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe
C:\Users\HP\AppData\Local\Smartbar\Application\QuickShare.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.my/
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\HP\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
uRun: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [iFunBoxConnector] "C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe"
uRun: [Browser Infrastructure Helper] C:\Users\HP\AppData\Local\Smartbar\Application\QuickShare.exe startup
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRunOnce: [SpybotDeletingF9873] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe"
uRunOnce: [SpybotDeletingF6043] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe"
uRunOnce: [SpybotDeletingF166] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\default.xml"
uRunOnce: [SpybotDeletingF8168] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll"
uRunOnce: [SpybotDeletingF9384] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll"
uRunOnce: [SpybotDeletingF1311] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll"
uRunOnce: [SpybotDeletingF6222] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll"
uRunOnce: [SpybotDeletingF6278] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll"
uRunOnce: [SpybotDeletingF8646] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll"
uRunOnce: [SpybotDeletingF5470] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll"
uRunOnce: [SpybotDeletingF9809] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll"
uRunOnce: [SpybotDeletingF6515] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll"
uRunOnce: [SpybotDeletingF7163] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll"
uRunOnce: [SpybotDeletingF7187] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll"
uRunOnce: [SpybotDeletingF7818] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll"
uRunOnce: [SpybotDeletingF8885] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll"
uRunOnce: [SpybotDeletingF1840] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll"
uRunOnce: [SpybotDeletingF3068] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll"
uRunOnce: [SpybotDeletingF1284] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll"
uRunOnce: [SpybotDeletingF8170] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll"
uRunOnce: [SpybotDeletingF5306] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll"
uRunOnce: [SpybotDeletingF4224] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll"
uRunOnce: [SpybotDeletingF8187] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
uRunOnce: [SpybotDeletingF2126] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
uRunOnce: [SpybotDeletingF4654] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
uRunOnce: [SpybotDeletingF9185] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
uRunOnce: [SpybotDeletingF8428] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
uRunOnce: [SpybotDeletingF3306] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
uRunOnce: [SpybotDeletingF9270] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
uRunOnce: [SpybotDeletingF1684] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
uRunOnce: [SpybotDeletingF1426] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
uRunOnce: [SpybotDeletingF3901] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
uRunOnce: [SpybotDeletingF673] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll"
uRunOnce: [SpybotDeletingF337] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
uRunOnce: [SpybotDeletingF4349] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe"
uRunOnce: [SpybotDeletingF120] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\default.xml"
uRunOnce: [SpybotDeletingF4302] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll"
uRunOnce: [SpybotDeletingF4021] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll"
uRunOnce: [SpybotDeletingF8101] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll"
uRunOnce: [SpybotDeletingF5956] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll"
uRunOnce: [SpybotDeletingF6361] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll"
uRunOnce: [SpybotDeletingF478] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll"
uRunOnce: [SpybotDeletingF7909] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll"
uRunOnce: [SpybotDeletingF3263] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll"
uRunOnce: [SpybotDeletingF3507] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll"
uRunOnce: [SpybotDeletingF6005] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll"
uRunOnce: [SpybotDeletingF5373] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll"
uRunOnce: [SpybotDeletingF6552] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
uRunOnce: [SpybotDeletingF320] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll"
uRunOnce: [SpybotDeletingF2481] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll"
uRunOnce: [SpybotDeletingF234] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll"
uRunOnce: [SpybotDeletingF1393] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll"
uRunOnce: [SpybotDeletingF1601] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll"
uRunOnce: [SpybotDeletingF7539] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll"
uRunOnce: [SpybotDeletingF9256] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll"
uRunOnce: [SpybotDeletingF5122] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
uRunOnce: [SpybotDeletingF4896] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
uRunOnce: [SpybotDeletingF2157] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
uRunOnce: [SpybotDeletingF3444] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
uRunOnce: [SpybotDeletingF1230] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
uRunOnce: [SpybotDeletingF4017] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
uRunOnce: [SpybotDeletingF2525] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
uRunOnce: [SpybotDeletingF1134] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
uRunOnce: [SpybotDeletingF8615] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
uRunOnce: [SpybotDeletingF8993] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
uRunOnce: [SpybotDeletingF8072] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll"
uRunOnce: [SpybotDeletingF3875] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
uRunOnce: [SpybotDeletingF5802] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
uRunOnce: [SpybotDeletingF2035] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
uRunOnce: [SpybotDeletingF8554] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
uRunOnce: [SpybotDeletingF5611] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
uRunOnce: [SpybotDeletingF8730] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
uRunOnce: [SpybotDeletingF9210] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
uRunOnce: [SpybotDeletingF4659] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
uRunOnce: [SpybotDeletingF2993] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
uRunOnce: [SpybotDeletingF2150] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
uRunOnce: [SpybotDeletingF1091] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
uRunOnce: [SpybotDeletingF1890] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
uRunOnce: [SpybotDeletingF2485] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
uRunOnce: [SpybotDeletingF7120] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
uRunOnce: [SpybotDeletingF685] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
uRunOnce: [SpybotDeletingF6846] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
uRunOnce: [SpybotDeletingF1202] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
uRunOnce: [SpybotDeletingF6916] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll"
uRunOnce: [SpybotDeletingF6672] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe"
uRunOnce: [SpybotDeletingF842] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
uRunOnce: [SpybotDeletingF9872] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
uRunOnce: [SpybotDeletingF429] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
uRunOnce: [SpybotDeletingF8787] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
uRunOnce: [SpybotDeletingF5983] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
uRunOnce: [SpybotDeletingF7574] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
uRunOnce: [SpybotDeletingF6797] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
uRunOnce: [SpybotDeletingF8138] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
uRunOnce: [SpybotDeletingF7488] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
uRunOnce: [SpybotDeletingF800] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
uRunOnce: [SpybotDeletingF3546] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
uRunOnce: [SpybotDeletingF3876] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
uRunOnce: [SpybotDeletingF5552] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
uRunOnce: [SpybotDeletingF4811] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
uRunOnce: [SpybotDeletingF8683] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
uRunOnce: [SpybotDeletingF142] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
uRunOnce: [SpybotDeletingF3592] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
uRunOnce: [SpybotDeletingF3275] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
uRunOnce: [SpybotDeletingF1646] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
uRunOnce: [SpybotDeletingF3511] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
uRunOnce: [SpybotDeletingF3142] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
uRunOnce: [SpybotDeletingF5211] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
uRunOnce: [SpybotDeletingF3299] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
uRunOnce: [SpybotDeletingF1981] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
uRunOnce: [SpybotDeletingF4299] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
uRunOnce: [SpybotDeletingF3903] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
uRunOnce: [SpybotDeletingF9257] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
uRunOnce: [SpybotDeletingF1356] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
uRunOnce: [SpybotDeletingF4252] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
uRunOnce: [SpybotDeletingF6689] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml"
uRunOnce: [SpybotDeletingF1288] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\messages.xml"
uRunOnce: [SpybotDeletingF3751] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml"
uRunOnce: [SpybotDeletingF4225] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat"
uRunOnce: [SpybotDeletingF721] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\default.xml"
uRunOnce: [SpybotDeletingF2596] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
uRunOnce: [SpybotDeletingF211] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
uRunOnce: [SpybotDeletingF587] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
uRunOnce: [SpybotDeletingF6810] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
uRunOnce: [SpybotDeletingF5778] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
uRunOnce: [SpybotDeletingF7660] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
uRunOnce: [SpybotDeletingF3431] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
uRunOnce: [SpybotDeletingF3836] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
uRunOnce: [SpybotDeletingF4923] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
uRunOnce: [SpybotDeletingF2686] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
uRunOnce: [SpybotDeletingF2529] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe"
uRunOnce: [SpybotDeletingF9938] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
uRunOnce: [SpybotDeletingF5637] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
uRunOnce: [SpybotDeletingF9544] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
uRunOnce: [SpybotDeletingF3424] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
uRunOnce: [SpybotDeletingF6011] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
uRunOnce: [SpybotDeletingF0] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
uRunOnce: [SpybotDeletingF5249] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
uRunOnce: [SpybotDeletingF9439] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
uRunOnce: [SpybotDeletingF9106] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
uRunOnce: [SpybotDeletingF2531] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
uRunOnce: [SpybotDeletingF4813] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
uRunOnce: [SpybotDeletingF2649] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
uRunOnce: [SpybotDeletingF4663] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
uRunOnce: [SpybotDeletingF9932] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
uRunOnce: [SpybotDeletingF216] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
uRunOnce: [SpybotDeletingF480] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
uRunOnce: [SpybotDeletingF5438] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
uRunOnce: [SpybotDeletingF3405] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
uRunOnce: [SpybotDeletingF5451] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
uRunOnce: [SpybotDeletingF8019] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
uRunOnce: [SpybotDeletingF2763] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
uRunOnce: [SpybotDeletingF7701] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
uRunOnce: [SpybotDeletingF6227] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
uRunOnce: [SpybotDeletingF8963] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
uRunOnce: [SpybotDeletingF497] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
uRunOnce: [SpybotDeletingF7837] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
uRunOnce: [SpybotDeletingF5434] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
uRunOnce: [SpybotDeletingF7887] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
uRunOnce: [SpybotDeletingF4296] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
uRunOnce: [SpybotDeletingF1446] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
uRunOnce: [SpybotDeletingF8612] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
uRunOnce: [SpybotDeletingF262] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml"
uRunOnce: [SpybotDeletingF3493] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\messages.xml"
uRunOnce: [SpybotDeletingF3929] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml"
uRunOnce: [SpybotDeletingF5266] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat"
uRunOnce: [SpybotDeletingF8982] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\default.xml"
uRunOnce: [SpybotDeletingF4934] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
uRunOnce: [SpybotDeletingF1347] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
uRunOnce: [SpybotDeletingF1674] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
uRunOnce: [SpybotDeletingF8469] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
uRunOnce: [SpybotDeletingF1942] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
uRunOnce: [SpybotDeletingF8415] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
uRunOnce: [SpybotDeletingF1738] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
uRunOnce: [SpybotDeletingF7082] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
uRunOnce: [SpybotDeletingF2643] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
uRunOnce: [SpybotDeletingF5814] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRunOnce: [SpybotDeletingE4547] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe"
mRunOnce: [SpybotDeletingE884] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
mRunOnce: [SpybotDeletingE7902] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
mRunOnce: [SpybotDeletingE3305] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
mRunOnce: [SpybotDeletingE1390] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
mRunOnce: [SpybotDeletingE4007] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
mRunOnce: [SpybotDeletingE2226] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
mRunOnce: [SpybotDeletingE8441] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
mRunOnce: [SpybotDeletingE996] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
mRunOnce: [SpybotDeletingE1156] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
mRunOnce: [SpybotDeletingE8267] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
mRunOnce: [SpybotDeletingE8045] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
mRunOnce: [SpybotDeletingE5129] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
mRunOnce: [SpybotDeletingE2785] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
mRunOnce: [SpybotDeletingE9133] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
mRunOnce: [SpybotDeletingE5819] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
mRunOnce: [SpybotDeletingE6916] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
mRunOnce: [SpybotDeletingE8219] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
mRunOnce: [SpybotDeletingE279] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
mRunOnce: [SpybotDeletingE6055] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
mRunOnce: [SpybotDeletingE1104] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
mRunOnce: [SpybotDeletingE8197] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
mRunOnce: [SpybotDeletingE8491] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
mRunOnce: [SpybotDeletingE2379] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
mRunOnce: [SpybotDeletingE9937] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
mRunOnce: [SpybotDeletingE9489] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
mRunOnce: [SpybotDeletingE6665] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
mRunOnce: [SpybotDeletingE6237] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
mRunOnce: [SpybotDeletingE1888] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
mRunOnce: [SpybotDeletingE212] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
mRunOnce: [SpybotDeletingE1086] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
mRunOnce: [SpybotDeletingE6630] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
mRunOnce: [SpybotDeletingE3622] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml"
mRunOnce: [SpybotDeletingE5742] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\messages.xml"
mRunOnce: [SpybotDeletingE1572] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml"
mRunOnce: [SpybotDeletingE1094] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat"
mRunOnce: [SpybotDeletingE4881] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\default.xml"
mRunOnce: [SpybotDeletingE9906] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
mRunOnce: [SpybotDeletingE6198] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
mRunOnce: [SpybotDeletingE2918] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
mRunOnce: [SpybotDeletingE4666] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
mRunOnce: [SpybotDeletingE4693] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
mRunOnce: [SpybotDeletingE7055] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
mRunOnce: [SpybotDeletingE188] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
mRunOnce: [SpybotDeletingE2905] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
mRunOnce: [SpybotDeletingE4046] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
mRunOnce: [SpybotDeletingE321] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
mRunOnce: [SpybotDeletingE5381] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe"
mRunOnce: [SpybotDeletingE430] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
mRunOnce: [SpybotDeletingE8549] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
mRunOnce: [SpybotDeletingE552] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
mRunOnce: [SpybotDeletingE9446] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
mRunOnce: [SpybotDeletingE5039] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
mRunOnce: [SpybotDeletingE1547] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
mRunOnce: [SpybotDeletingE4766] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
mRunOnce: [SpybotDeletingE1051] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
mRunOnce: [SpybotDeletingE6238] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
mRunOnce: [SpybotDeletingE1978] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
mRunOnce: [SpybotDeletingE2058] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
mRunOnce: [SpybotDeletingE2430] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
mRunOnce: [SpybotDeletingE4001] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
mRunOnce: [SpybotDeletingE9045] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
mRunOnce: [SpybotDeletingE941] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
mRunOnce: [SpybotDeletingE1746] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll_old"
mRunOnce: [SpybotDeletingE5501] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll_old"
mRunOnce: [SpybotDeletingE8293] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll_old"
mRunOnce: [SpybotDeletingE1961] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll_old"
mRunOnce: [SpybotDeletingE4076] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll_old"
mRunOnce: [SpybotDeletingE79] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll_old"
mRunOnce: [SpybotDeletingE2650] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll_old"
mRunOnce: [SpybotDeletingE7956] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll_old"
mRunOnce: [SpybotDeletingE2522] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll_old"
mRunOnce: [SpybotDeletingE8701] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll_old"
mRunOnce: [SpybotDeletingE9239] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll_old"
mRunOnce: [SpybotDeletingE8015] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll_old"
mRunOnce: [SpybotDeletingE4261] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll_old"
mRunOnce: [SpybotDeletingE608] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll_old"
mRunOnce: [SpybotDeletingE4346] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll_old"
mRunOnce: [SpybotDeletingE7939] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
mRunOnce: [SpybotDeletingE1179] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml"
mRunOnce: [SpybotDeletingE2735] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\messages.xml"
mRunOnce: [SpybotDeletingE5117] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml"
mRunOnce: [SpybotDeletingE4959] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat"
mRunOnce: [SpybotDeletingE161] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\default.xml"
mRunOnce: [SpybotDeletingE4364] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll"
mRunOnce: [SpybotDeletingE8091] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll"
mRunOnce: [SpybotDeletingE5886] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\AudibleButton.png"
mRunOnce: [SpybotDeletingE1702] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\DisplayPicturesButton.png"
mRunOnce: [SpybotDeletingE1688] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\EmoticonButton.png"
mRunOnce: [SpybotDeletingE9843] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\GamesButton.png"
mRunOnce: [SpybotDeletingE2370] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\KeyboardButton.png"
mRunOnce: [SpybotDeletingE1649] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\NudgeButton.png"
mRunOnce: [SpybotDeletingE6157] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\SoundFxButton.png"
mRunOnce: [SpybotDeletingE9665] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files (x86)\SweetIM\Messenger\resources\images\WinksButton.png"
StartupFolder: C:\Users\HP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\HP\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
-
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4828EB99-DA1D-4695-B4CF-90CDCB7F710C} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{4828EB99-DA1D-4695-B4CF-90CDCB7F710C} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4828EB99-DA1D-4695-B4CF-90CDCB7F710C}\1405D474D2D416C61697379616 : DHCPNameServer = 10.1.8.2
TCP: Interfaces\{9E8BEB33-11FA-4636-B10D-77BE08229A4C} : NameServer = 0.0.0.0
TCP: Interfaces\{AEF7CD20-AAAA-4BC1-A214-9115BAB18C84} : DHCPNameServer = 16.110.135.52 16.110.135.51
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = EgisPwdFilter EgisDSPwdFilter
x64-BHO: QuickShare WidgetEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences Pro\FencesMenu64.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-29 09:41; addon@defaulttab.com; C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\extensions\addon@defaulttab.com.xpi
FF - ExtSQL: 2012-12-29 09:44; helperbar@helperbar.com; C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\extensions\helperbar@helperbar.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-10-5 111456]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2009-11-12 20056]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-10-3 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-10-3 203264]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-6 5814392]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\HP\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2012-12-29 107520]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-9-29 338208]
R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [2010-6-14 697712]
R2 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-6-14 646000]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-22 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-8-24 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-10-3 13336]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-12-29 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-12-29 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-12-29 168384]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-3 2533400]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 2192176]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2012-10-3 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-10-3 39464]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-9-4 31088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2012-10-3 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-10-3 158976]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-10-3 10603904]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-18 7680512]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2010-8-17 39832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-6 340240]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-11 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-13 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-10-3 349800]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-13 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-2 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
.
=============== Created Last 30 ================
.
2012-12-29 09:30:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-12-29 09:30:04 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2012-12-29 09:30:01 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-12-29 08:57:12 388096 ----a-r- C:\Users\HP\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-12-29 08:57:12 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-12-29 08:55:37 -------- d-----w- C:\Users\HP\AppData\Local\Programs
2012-12-28 20:09:03 -------- d-----w- C:\Program Files (x86)\SweetIM
2012-12-28 20:08:55 -------- d-----w- C:\Program Files (x86)\sweetpacks bundle uninstaller
2012-12-28 20:07:56 -------- d-----w- C:\Users\HP\AppData\Local\Smartbar
2012-12-28 20:07:24 -------- d-----w- C:\Users\HP\AppData\Roaming\DefaultTab
2012-12-28 20:07:18 -------- d-----w- C:\Users\HP\AppData\Local\SwvUpdater
2012-12-28 20:01:02 -------- d-----w- C:\Program Files (x86)\WebCam Spy Pro
2012-12-24 19:06:08 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-24 19:06:08 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-24 19:06:07 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-24 19:06:06 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-12 17:00:11 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-12 16:58:19 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-12-12 16:57:56 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-12 16:57:55 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-12 16:57:55 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
.
==================== Find3M ====================
.
2012-12-26 02:31:40 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-26 02:31:40 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-14 08:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-22 05:02:44 154464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-14 19:48:50 63328 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 19:32:50 111456 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-10-03 05:58:09 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-10-03 05:58:09 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-10-02 17:04:47 0 ----a-w- C:\Windows\ativpsrm.bin
2012-10-01 19:30:38 185696 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
.
============= FINISH: 18:44:51.53 ===============
content from aswMBR.txt log
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-29 18:53:21
-----------------------------
18:53:21.676 OS Version: Windows x64 6.1.7601 Service Pack 1
18:53:21.676 Number of processors: 4 586 0x2505
18:53:21.676 ComputerName: HP-HP UserName: HP
18:53:23.189 Initialize success
18:55:49.258 AVAST engine defs: 12122900
18:56:16.527 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:56:16.527 Disk 0 Vendor: TOSHIBA_ GS00 Size: 610480MB BusType: 3
18:56:16.527 Disk 0 MBR read successfully
18:56:16.543 Disk 0 MBR scan
18:56:16.543 Disk 0 unknown MBR code
18:56:16.574 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:56:16.590 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 578611 MB offset 409600
18:56:16.621 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 31565 MB offset 1185404928
18:56:16.636 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
18:56:16.668 Disk 0 scanning C:\Windows\system32\drivers
18:56:26.730 Service scanning
18:57:05.419 Modules scanning
18:57:05.419 Disk 0 trace - called modules:
18:57:05.980 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
18:57:05.980 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800528d060]
18:57:05.980 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa800513ab10]
18:57:05.996 5 hpdskflt.sys[fffff88001bb6189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fc2050]
18:57:07.462 AVAST engine scan C:\Windows
18:57:10.021 AVAST engine scan C:\Windows\system32
19:01:59.941 AVAST engine scan C:\Windows\system32\drivers
19:02:12.985 AVAST engine scan C:\Users\HP
19:11:52.158 AVAST engine scan C:\ProgramData
19:12:30.052 Scan finished successfully
04:07:46.391 Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat"
04:07:46.391 The log file has been saved successfully to "C:\Users\HP\Desktop\aswMBR.txt"
-
-
log from AdwCleaner :
# AdwCleaner v2.104 - Logfile created 01/06/2013 at 20:26:28
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : HP - HP-HP
# Boot Mode : Normal
# Running from : C:\Users\HP\Desktop\AdwCleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : DefaultTabUpdate
***** [Files / Folders] *****
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\extensions\addon@defaulttab.com.xpi
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\searchplugins\search-here.xml
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Users\HP\AppData\Local\Smartbar
Folder Deleted : C:\Users\HP\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\HP\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\HP\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\HP\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\extensions\helperbar@helperbar.com
Folder Deleted : C:\Users\HP\Desktop\Software
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16457
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005 --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0.1 (en-US)
File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\prefs.js
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\seg13vqf.default\user.js ... Deleted !
Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...]
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.google.com.my/");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10005");
-\\ Google Chrome v23.0.1271.97
File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [6789 octets] - [06/01/2013 20:26:28]
########## EOF - C:\AdwCleaner[S1].txt - [6849 octets] ##########
*********************************
log from Malwarebytes Anti-Malware:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.06.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
HP :: HP-HP [administrator]
6/1/2013 8:33:46 PM
mbam-log-2013-01-06 (20-33-46).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214279
Time elapsed: 4 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Lets take another look
OTL by OldTimer
- Download OTL to your desktop.
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- When the window appears, underneath Output at the top change it to Minimal Output.
- Click the "Scan All Users" checkbox.
- Check the boxes beside LOP Check and Purity Check.
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically. - Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules