LandzDown Forum

Security => Analysis and Malware Removal => Topic started by: BeeZee on September 06, 2012, 08:47:14 PM

Title: PUP Bundleoffer
Post by: BeeZee on September 06, 2012, 08:47:14 PM
Hello Everybody.

The computer is just a week old (HP Pavilion 1235), Windows 7, 64-bit.

Mbam picked up on a PUP Bundleoffer and quarantined and deleted it successfully. I would like to make sure that it is not on my system.

Also, the past two days when starting the computer up for the day, a dialog box says "Windows failed to start" and it proceeds to do the Startup Repair process. About a half hour ago I did a shutdown of the computer, waited a couple of minutes, and then started the computer as I normally do. Everything went as it should, no error messages. I am just wondering if that PUP has anything to do with it.

The computer seems to be running fine other than those two problems.

Thank You, Bernie.

The logs are in the following order:

Mbam showing the PUP
Mbam showing today's scan
DDS
Attach
Checkup

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.05.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
bernie :: BERNIE-DESKTOP [administrator]

Protection: Enabled

9/5/2012 12:10:40 PM
mbam-log-2012-09-05 (12-10-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193375
Time elapsed: 2 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\bernie\Downloads\7zip_installer_d161680.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)


Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.06.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
bernie :: BERNIE-DESKTOP [administrator]

Protection: Enabled

9/6/2012 3:55:46 PM
mbam-log-2012-09-06 (15-55-46).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193663
Time elapsed: 1 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.7.2
Run by bernie at 15:33:31 on 2012-09-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7607.5979 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\IDT\WDM\Beats64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\RunDll32.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\msiexec.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
StartupFolder: C:\Users\bernie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
StartupFolder: C:\Users\bernie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
TCP: Interfaces\{CB5BF203-BF82-4479-8BFA-5BC01B14F33F} : DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO-X64:     AMD SteadyVideo BHO - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\bernie\AppData\Roaming\Mozilla\Firefox\Profiles\pe180bt7.default\
FF - prefs.js: browser.search.selectedEngine - The Wayback Machine
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\system32\drivers\amd_sata.sys --> C:\windows\system32\drivers\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\windows\system32\drivers\amd_xata.sys --> C:\windows\system32\drivers\amd_xata.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-30 655944]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\amdhub30.sys --> C:\windows\system32\DRIVERS\amdhub30.sys [?]
R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys --> C:\windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\amdxhc.sys --> C:\windows\system32\DRIVERS\amdxhc.sys [?]
R3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys --> C:\windows\system32\DRIVERS\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys --> C:\windows\system32\DRIVERS\btwl2cap.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\windows\system32\DRIVERS\LEqdUsb.Sys --> C:\windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\windows\system32\DRIVERS\LHidEqd.Sys --> C:\windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?]
R3 PSI;PSI;C:\windows\system32\DRIVERS\psi_mf.sys --> C:\windows\system32\DRIVERS\psi_mf.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\windows\system32\drivers\usbfilter.sys --> C:\windows\system32\drivers\usbfilter.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-30 116648]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-30 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-30 114144]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 Revoflt;Revoflt;C:\windows\system32\DRIVERS\revoflt.sys --> C:\windows\system32\DRIVERS\revoflt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-09-06 18:57:35   9310152   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4D840D9C-9D98-496E-9649-B8F8D947C31F}\mpengine.dll
2012-09-05 16:06:37   9310152   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-02 17:16:21   --------   d-----w-   C:\ProgramData\Recovery
2012-09-02 15:29:25   --------   d-----w-   C:\Users\bernie\AppData\Local\Diagnostics
2012-09-02 14:10:45   --------   d-----w-   C:\Users\bernie\AppData\Local\Adobe
2012-09-02 13:50:55   --------   d-----w-   C:\Users\bernie\AppData\Local\Secunia PSI
2012-09-02 13:50:37   --------   d-----w-   C:\Program Files (x86)\Secunia
2012-09-02 03:08:29   --------   d-----w-   C:\Users\bernie\AppData\Roaming\WinPatrol
2012-09-02 03:08:12   --------   d-----w-   C:\ProgramData\InstallMate
2012-09-02 03:08:12   --------   d-----w-   C:\Program Files (x86)\BillP Studios
2012-09-02 00:15:47   --------   d-----w-   C:\Users\bernie\AppData\Roaming\pdfforge
2012-09-02 00:15:45   96768   ----a-w-   C:\windows\System32\pdfcmon.dll
2012-09-02 00:15:45   137000   ----a-w-   C:\windows\SysWow64\MSMAPI32.OCX
2012-09-02 00:15:44   23552   ----a-w-   C:\windows\SysWow64\MSMPIDE.DLL
2012-09-02 00:15:43   --------   d-----w-   C:\Program Files (x86)\PDFCreator
2012-09-01 15:45:05   53248   ----a-r-   C:\Users\bernie\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-09-01 15:44:58   18960   ----a-w-   C:\windows\System32\drivers\LNonPnP.sys
2012-09-01 15:43:10   --------   d-----w-   C:\Users\bernie\AppData\Roaming\Logishrd
2012-09-01 01:28:17   --------   d-----w-   C:\ProgramData\Macrium
2012-08-31 19:14:31   --------   d-----w-   C:\Users\bernie\AppData\Local\ElevatedDiagnostics
2012-08-31 16:25:47   --------   d-----w-   C:\Users\bernie\AppData\Roaming\WinBatch
2012-08-31 16:25:45   220288   ----a-w-   C:\windows\System32\drivers\amdxhc.sys
2012-08-31 16:25:45   103552   ----a-w-   C:\windows\System32\drivers\amdhub30.sys
2012-08-31 15:21:59   821736   ----a-w-   C:\windows\SysWow64\npDeployJava1.dll
2012-08-31 15:21:59   746984   ----a-w-   C:\windows\SysWow64\deployJava1.dll
2012-08-31 15:21:53   95208   ----a-w-   C:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-31 13:34:33   552960   ----a-w-   C:\windows\System32\drivers\bthport.sys
2012-08-31 13:02:16   --------   d-----w-   C:\Users\bernie\AppData\Roaming\HP Support Assistant
2012-08-31 13:02:15   --------   d-----w-   C:\Users\bernie\AppData\Roaming\HpUpdate
2012-08-31 12:41:29   81408   ----a-w-   C:\windows\System32\imagehlp.dll
2012-08-31 12:41:29   5120   ----a-w-   C:\windows\SysWow64\wmi.dll
2012-08-31 12:41:29   5120   ----a-w-   C:\windows\System32\wmi.dll
2012-08-31 12:41:29   23408   ----a-w-   C:\windows\System32\drivers\fs_rec.sys
2012-08-31 12:41:29   220672   ----a-w-   C:\windows\System32\wintrust.dll
2012-08-31 12:41:29   172544   ----a-w-   C:\windows\SysWow64\wintrust.dll
2012-08-31 12:41:29   159232   ----a-w-   C:\windows\SysWow64\imagehlp.dll
2012-08-31 12:32:29   --------   d-----w-   C:\windows\SysWow64\Wat
2012-08-31 12:32:29   --------   d-----w-   C:\windows\System32\Wat
2012-08-31 12:21:08   --------   d-----w-   C:\Program Files (x86)\MSXML 4.0
2012-08-31 11:44:54   3148800   ----a-w-   C:\windows\System32\win32k.sys
2012-08-31 02:23:33   --------   d-----w-   C:\Users\bernie\AppData\Roaming\IDT
2012-08-31 00:52:06   --------   d-----w-   C:\Users\bernie\AppData\Roaming\OpenOffice.org
2012-08-31 00:38:57   --------   d-----w-   C:\Program Files (x86)\Everything
2012-08-31 00:30:40   --------   d-----w-   C:\Users\bernie\AppData\Local\Microsoft Games
2012-08-31 00:26:08   --------   d-----w-   C:\Program Files (x86)\OpenOffice.org 3
2012-08-31 00:15:46   --------   d-----w-   C:\Users\bernie\AppData\Roaming\PDF Pro 10
2012-08-31 00:15:46   --------   d-----w-   C:\ProgramData\Avanquest Software
2012-08-31 00:03:26   --------   d-----w-   C:\Program Files (x86)\Free Offers from Freeze.com
2012-08-30 23:59:27   --------   d-----w-   C:\Users\bernie\AppData\Roaming\IrfanView
2012-08-30 23:59:26   --------   d-----w-   C:\Program Files (x86)\IrfanView
2012-08-30 23:52:46   --------   d-----w-   C:\ProgramData\PDFC
2012-08-30 23:52:01   --------   d-----w-   C:\Users\bernie\AppData\Roaming\NewspaperDirect
2012-08-30 23:41:32   --------   d-----w-   C:\Users\bernie\AppData\Local\VS Revo Group
2012-08-30 23:41:30   31800   ----a-w-   C:\windows\System32\drivers\revoflt.sys
2012-08-30 23:41:28   --------   d-----w-   C:\Program Files\VS Revo Group
2012-08-30 23:39:07   --------   d-----w-   C:\Users\bernie\AppData\Local\Macromedia
2012-08-30 23:38:56   696520   ----a-w-   C:\windows\SysWow64\FlashPlayerApp.exe
2012-08-30 23:33:53   --------   d-----w-   C:\Users\bernie\AppData\Roaming\SpeedyComputer
2012-08-30 22:33:37   --------   d-----w-   C:\Users\bernie\AppData\Roaming\Foxit Software
2012-08-30 22:33:25   --------   d-----w-   C:\Program Files (x86)\Foxit Software
2012-08-30 22:27:20   --------   d-----w-   C:\Users\bernie\AppData\Local\Google
2012-08-30 22:20:44   --------   d-----w-   C:\Users\bernie\AppData\Roaming\Ditto
2012-08-30 22:20:37   --------   d-----w-   C:\Program Files\Ditto
2012-08-30 22:06:54   --------   d-----w-   C:\Users\bernie\AppData\Roaming\Malwarebytes
2012-08-30 22:05:51   --------   d-----w-   C:\ProgramData\Malwarebytes
2012-08-30 22:05:50   24904   ----a-w-   C:\windows\System32\drivers\mbam.sys
2012-08-30 22:05:50   --------   d-----w-   C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-30 21:49:51   826880   ----a-w-   C:\windows\SysWow64\rdpcore.dll
2012-08-30 21:49:51   23552   ----a-w-   C:\windows\System32\drivers\tdtcp.sys
2012-08-30 21:49:51   1031680   ----a-w-   C:\windows\System32\rdpcore.dll
2012-08-30 21:47:27   2622464   ----a-w-   C:\windows\System32\wucltux.dll
2012-08-30 21:47:24   99840   ----a-w-   C:\windows\System32\wudriver.dll
2012-08-30 21:47:21   36864   ----a-w-   C:\windows\System32\wuapp.exe
2012-08-30 21:47:21   186752   ----a-w-   C:\windows\System32\wuwebv.dll
2012-08-30 21:45:31   --------   d-----w-   C:\Users\bernie\hpremote
2012-08-30 21:38:08   927800   ------w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B57B6C76-3D10-4128-8D04-EA7CA4F31E11}\gapaengine.dll
2012-08-30 21:37:06   --------   d-----w-   C:\Program Files (x86)\Microsoft Security Client
2012-08-30 21:37:05   --------   d-----w-   C:\Program Files\Microsoft Security Client
2012-08-30 21:28:08   --------   d-----w-   C:\Users\bernie\AppData\Local\Mozilla
2012-08-30 21:26:03   --------   d-----w-   C:\Users\bernie\AppData\Roaming\Babylon
2012-08-30 21:26:03   --------   d-----w-   C:\ProgramData\Babylon
2012-08-30 21:14:23   --------   d-----w-   C:\Users\bernie\AppData\Local\Broadcom
2012-08-30 21:13:41   --------   d-----w-   C:\Users\bernie\AppData\Local\PDFC
2012-08-30 21:13:41   --------   d-----w-   C:\Users\bernie\AppData\Local\ATI
2012-08-30 21:12:43   --------   d-----w-   C:\Users\bernie\AppData\Local\VirtualStore
2012-08-30 21:06:05   --------   d-----w-   C:\Users\bernie\AppData\Local\RemEngine
2012-08-30 21:06:03   --------   d-----w-   C:\Users\bernie\AppData\Local\Hewlett-Packard_Company
.
==================== Find3M  ====================
.
2012-09-02 14:08:56   73416   ----a-w-   C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-04 22:13:27   59392   ----a-w-   C:\windows\System32\browcli.dll
2012-07-04 22:13:27   136704   ----a-w-   C:\windows\System32\browser.dll
2012-07-04 21:14:34   41984   ----a-w-   C:\windows\SysWow64\browcli.dll
2012-06-29 03:56:34   2312704   ----a-w-   C:\windows\System32\jscript9.dll
2012-06-29 03:49:11   1392128   ----a-w-   C:\windows\System32\wininet.dll
2012-06-29 03:48:07   1494528   ----a-w-   C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49   173056   ----a-w-   C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48   2382848   ----a-w-   C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58   1800704   ----a-w-   C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01   1129472   ----a-w-   C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59   1427968   ----a-w-   C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43   142848   ----a-w-   C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45   2382848   ----a-w-   C:\windows\SysWow64\mshtml.tlb
2012-06-25 20:04:24   1394248   ----a-w-   C:\windows\SysWow64\msxml4.dll
.
============= FINISH: 15:34:01.75 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/30/2012 5:05:12 PM
System Uptime: 9/6/2012 3:15:37 PM (0 hours ago)
.
Motherboard: MSI |  | 2AE0
Processor: AMD A8-5500 APU with Radeon(tm) HD Graphics     | P0 | 3200/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 914 GiB total, 869.434 GiB free.
D: is FIXED (NTFS) - 17 GiB total, 2.103 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 932 GiB total, 849.669 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP25: 8/31/2012 9:11:08 AM - Windows Update
RP26: 8/31/2012 9:33:51 AM - Windows Update
RP27: 8/31/2012 9:49:07 AM - Windows Update
RP28: 8/31/2012 11:21:26 AM - Installed Java 7 Update 7
RP29: 8/31/2012 12:17:47 PM - Windows Update
RP30: 8/31/2012 12:25:14 PM - HPSF Applying updates
RP31: 8/31/2012 7:56:41 PM - Removed HP Magic Canvas
RP32: 8/31/2012 8:01:28 PM - Removed HP Calendar
RP33: 8/31/2012 8:02:01 PM - Removed HP Clock
RP34: 8/31/2012 8:02:28 PM - Removed HP Notes
RP35: 8/31/2012 8:02:59 PM - Removed HP TouchSmart RecipeBox
RP36: 8/31/2012 8:04:52 PM - Removed HP Weather
RP37: 8/31/2012 9:26:24 PM - Installed Macrium Reflect Free Edition
RP38: 8/31/2012 10:39:26 PM - Removed Macrium Reflect Free Edition
RP39: 8/31/2012 10:42:34 PM - Windows Backup
RP40: 9/2/2012 10:06:52 AM - Installed MSXML 4.0 SP3 Parser
RP41: 9/2/2012 12:45:48 PM - Installed MSXML 4.0 SP3 Parser (KB2721691)
RP42: 9/3/2012 12:26:42 PM - Windows Update
RP43: 9/6/2012 2:57:02 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
AMD VISION Engine Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
D3DX10
DirectX for Managed Code Update (Summer 2004)
eReg
Everything 1.2.1.371
Foxit Reader
Google Earth
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.2.0
HP Customer Experience Enhancements
HP LinkUp
HP MovieStore
HP Odometer
HP RSS
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP TouchSmart Background - Beats
HP Update
IDT Audio
IrfanView (remove only)
Java 7 Update 7
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Mesh Runtime
Microsoft Mathematics
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Mozilla Firefox 15.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
OpenOffice.org 3.4.1
opensource
PDFCreator
PlayReady PC Runtime x86
Power2Go
Recovery Manager
Remote Graphics Receiver
Secunia PSI (2.0.0.4003)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
TSHostedAppLauncher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
8/31/2012 8:33:30 AM, Error: Service Control Manager [7023]  -
.
==== End Of File ===========================


Results of screen317's Security Check version 0.99.50 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled! 
Microsoft Security Essentials   
Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (2.0.0.4003)   
Malwarebytes Anti-Malware version 1.62.0.1300 
Java 7 Update 7 
Adobe Flash Player 11.4.402.265 
Mozilla Firefox (15.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
WinPatrol winpatrol.exe
Malwarebytes Anti-Malware mbamservice.exe 
Malwarebytes Anti-Malware mbamgui.exe 
BillP Studios WinPatrol WinPatrol.exe 
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
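Editor's note: the post above asks how to be sure a quarantined bundle-installer PUP is really gone. The script below is an added example written for this page; it is not from BeeZee, the forum helpers, Malwarebytes or DDS. It assumes the PowerShell 2.0 that ships with Windows 7 (hence the .NET SHA-256 call instead of Get-FileHash and the PSIsContainer filter instead of -Directory), an elevated prompt, and a vendor-published SHA-256 supplied by the caller for any re-downloaded installer; the registry paths are the standard Run and Browser Helper Objects locations. It does four targeted checks: the flagged file is gone, a re-download is signed and hash-matches the vendor, nothing unexpected sits in the Run keys or BHO list, and no unexplained directories appeared under the usual install roots in the last two weeks. The last check is the one to read against the DDS "Created Last 30" section above, which already contains entries of the kind it surfaces (for instance `C:\Program Files (x86)\Free Offers from Freeze.com`), and the BHO check prints `<No File>` for an unresolvable CLSID, the same marker DDS uses for the orphaned toolbar `{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}` in the log. The final step answers the "Windows failed to start" question from the System event log rather than by guessing.

```powershell
# Added example, not from the original thread: verify a bundled-installer PUP
# detection on Windows 7 x64 after the file has been quarantined.
# Assumptions (mine, not the page's): PowerShell 2.0 as shipped with Windows 7
# (so no Get-FileHash and no -Directory switch), run from an elevated prompt,
# and a vendor-published SHA-256 supplied by the caller for any re-download.
param(
    [string]$FlaggedPath  = 'C:\Users\bernie\Downloads\7zip_installer_d161680.exe',
    [string]$Redownload   = '',    # path of a freshly downloaded installer, if any
    [string]$VendorSha256 = '',    # hash the vendor publishes for that installer
    [int]   $LookbackDays = 14
)
$since = (Get-Date).AddDays(-$LookbackDays)

# 1. The quarantined file must no longer exist at its original location.
if (Test-Path -LiteralPath $FlaggedPath) {
    Write-Warning "Flagged file still present: $FlaggedPath"
} else {
    Write-Host "OK: $FlaggedPath is gone"
}

# 2. Before trusting a re-downloaded installer, check its Authenticode status and
#    compare its SHA-256 with the vendor's published value. Some vendors ship
#    unsigned installers, so the hash comparison is the decisive check.
function Test-Download([string]$Path, [string]$ExpectedSha256) {
    if (-not $Path -or -not (Test-Path -LiteralPath $Path)) { return }
    $sig = Get-AuthenticodeSignature -FilePath $Path
    Write-Host ("Signature: {0}  Signer: {1}" -f $sig.Status, $sig.SignerCertificate.Subject)
    $fs = [System.IO.File]::OpenRead($Path)
    try     { $bytes = [System.Security.Cryptography.SHA256]::Create().ComputeHash($fs) }
    finally { $fs.Close() }
    $hash = ($bytes | ForEach-Object { $_.ToString('x2') }) -join ''
    Write-Host "SHA-256:   $hash"
    if ($ExpectedSha256 -and $hash -ne $ExpectedSha256.ToLower()) {
        Write-Warning 'SHA-256 does not match the vendor-published value; do not run this file.'
    }
}
Test-Download $Redownload $VendorSha256

# 3. Autostart entries a bundle wrapper typically touches: Run keys (native and
#    WOW64 views) and Internet Explorer BHOs, each BHO CLSID resolved to its DLL.
#    An unresolvable CLSID prints as '<No File>', the marker DDS uses for an
#    orphaned entry.
function Resolve-Clsid([string]$Clsid) {
    foreach ($root in 'Registry::HKEY_CLASSES_ROOT\CLSID',
                      'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID') {
        $srv = "$root\$Clsid\InprocServer32"
        if (Test-Path $srv) { return (Get-ItemProperty -Path $srv).'(default)' }
    }
    return '<No File>'
}
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
foreach ($k in $runKeys) {
    if (-not (Test-Path $k)) { continue }
    $key = Get-Item $k
    foreach ($name in $key.GetValueNames()) {      # '' is the unnamed (default) value
        "{0}\{1} = {2}" -f $k, $name, $key.GetValue($name)
    }
}
$bhoKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
           'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
foreach ($k in $bhoKeys) {
    if (-not (Test-Path $k)) { continue }
    Get-ChildItem $k | ForEach-Object { "BHO {0} -> {1}" -f $_.PSChildName, (Resolve-Clsid $_.PSChildName) }
}

# 4. Directories created in the lookback window under the usual install roots,
#    oldest first, to reconcile against what was deliberately installed.
$roots = ${env:ProgramFiles(x86)}, $env:ProgramFiles, $env:ProgramData, $env:APPDATA, $env:LOCALAPPDATA
foreach ($root in $roots) {
    if (-not $root -or -not (Test-Path $root)) { continue }
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue |
        Where-Object { $_.PSIsContainer -and $_.CreationTime -gt $since } |
        Sort-Object CreationTime |
        ForEach-Object { "{0:yyyy-MM-dd HH:mm}  {1}" -f $_.CreationTime, $_.FullName }
}

# 5. Whether a failed boot relates to the PUP is answered by the System log:
#    list Critical (1) and Error (2) events from the lookback window.
Get-WinEvent -FilterHashtable @{ LogName = 'System'; Level = 1, 2; StartTime = $since } -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, ProviderName,
                  @{ n = 'Message'; e = { ($_.Message -split "`n") | Select-Object -First 1 } } |
    Format-Table -AutoSize
```

Run it as `.\Check-Pup.ps1` from an elevated PowerShell prompt (the script name is an assumption), or with `-Redownload` and `-VendorSha256` if a clean installer has been fetched from the vendor's own site. It prints evidence for a human to judge; it does not delete anything and does not replace a full scan. Entries in step 3 whose DLL resolves to `<No File>` are leftovers that can be cleaned up, and any directory in step 4 that cannot be matched to a deliberate install is the thing to investigate next.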
Title: Re: PUP Bundleoffer
Post by: GR@PH;<'S on September 06, 2012, 09:02:32 PM
BeeZee
You will find that the potentially unwanted program (PUP) is a program that may be unwanted by you that was bundled with the PC when you bought it.
PUPs can and most often do include some spyware, adware, and dialers, and are often downloaded in conjunction with one of the programs that you wish to use.
But most of the time the PUP can be removed.

GR@PH;<'S   :Hammys pint:
Title: Re: PUP Bundleoffer
Post by: Corrine on September 06, 2012, 09:54:20 PM
Hi, BeeZee.

Supplemental to GR@PH;<'S reply, I checked your logs and did not find anything.  Enjoy your new computer!
Title: Re: PUP Bundleoffer
Post by: BeeZee on September 06, 2012, 10:50:58 PM
Thanks to you both for your reassurance. After 20 years (14 with a Mac and 6 with a Windows machine) of having my own computer, this is the first virus/ad-ware that I have encountered. I wanted to make sure that it was nipped in the bud as soon as possible.

Once again, thanks to you both for your time.

Take care, Bernie.
Title: Re: PUP Bundleoffer
Post by: Corrine on September 06, 2012, 11:35:45 PM
You're very welcome. 

Feel free to ask a question any time. 

BTW, you can delete the programs from your desktop that you downloaded to provide the logs.