Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:25:50 PM, on 2/24/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Users\Pavilion\AppData\Local\SearchModule\dblaunch.exe
C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenSnapshot.exe
C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
C:\Program Files\groover270120160530\Pungh.exe
C:\Program Files (x86)\MPC AdCleaner\AdCleaner.exe
C:\Users\Pavilion\AppData\Local\ELASTI~1\Elaccumulate.exe
C:\Program Files\Sound+\Sound+.exe
C:\Users\Pavilion\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\YTDownloader\YTDownloader.exe
C:\Users\Pavilion\AppData\Local\SearchModule\dblaunch.exe
C:\Users\Pavilion\AppData\Local\SearchModule\2.8.9.113\DeskBar.exe
C:\Users\Pavilion\AppData\Local\Birds\birds365.exe
C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe
C:\Program Files (x86)\cpx\cpx.exe
C:\Program Files (x86)\msrtn32\msrtn32.exe
C:\Program Files (x86)\Note-up\Note-up.exe
C:\Program Files (x86)\cpx\cpx.exe
C:\Program Files (x86)\PasswordBoss\PBIEBroker.exe
C:\Program Files (x86)\MPC AdCleaner\AdxEngine.exe
C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10633\jsdrv.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\ProgramData\219d5106-5a99-41fd-b942-db6b503b0178\plugins\7\plugin.exe
C:\ProgramData\219d5106-5a99-41fd-b942-db6b503b0178\plugins\3\plugin.exe
C:\Program Files (x86)\cpx\cpx.exe
C:\Program Files (x86)\msrtn32\cdhtr.exe
C:\Program Files (x86)\cpx\cpx.exe
C:\Users\Pavilion\Desktop\HijackThis.exe
C:\Program Files (x86)\msrtn32\rthdcpd.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = search.mpc.am
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = search.mpc.am
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:18159
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: groover270120160530 Helper - {01597E45-9F85-42DD-8FCD-2996E25BCBD6} - C:\Program Files\groover270120160530\Siqkoj.dll
O2 - BHO: Search Web Know - {3beacc4a-b617-4519-bb20-e5970414cbe4} - C:\Program Files (x86)\Search Web Know\Extensions\3beacc4a-b617-4519-bb20-e5970414cbe4.dll
O2 - BHO: shopperz170220161305 Helper - {5372DE0D-02B6-4505-883A-431BBB712096} - C:\Program Files\shopperz170220161305\Mhnoav.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Password Boss - {99af1bd8-7efc-4361-aed5-8c612492a051} - mscoree.dll (file missing)
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro3\ShopperPro3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: shopperz260120162332 Helper - {FF8D2983-3FE2-4DB7-8182-209032C82EAD} - C:\Program Files\shopperz260120162332\Sanace.dll
O3 - Toolbar: Password Boss Toolbar - {2b43dc1c-e3a3-4bad-8242-6fa6302d3f34} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [cpx] "C:\Program Files (x86)\cpx\cpx.exe" -starup
O4 - HKLM\..\Run: [msrtn32] "C:\Program Files (x86)\msrtn32\msrtn32.exe" -startup=smartcpx -check=60
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKLM\..\Run: [Note-up] C:\Program Files (x86)\Note-up\note-up.exe /watch
O4 - HKLM\..\Run: [NowUSeeIt Player] "C:\Program Files (x86)\NowUSeeItPlayer\NowUSeeItPlayer.exe" /autostart=1
O4 - HKLM\..\Run: [WindoWeather] "C:\Program Files (x86)\WindoWeather\WindoWeather.exe" monetize
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pavilion\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DeskBar] C:\Users\Pavilion\AppData\Local\DeskBar\dblaunch.exe
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [SearchModule] C:\Users\Pavilion\AppData\Local\SearchModule\dblaunch.exe /sparam=G1Rzftpbl2,ccc029cb-c56f-4850-9a18-6f06583d6df8,
O4 - HKCU\..\Run: [Birds] C:\Users\Pavilion\AppData\Local\Birds\birds365.exe
O4 - HKCU\..\Run: [UpdateAdmin] C:\Users\Pavilion\AppData\Local\UpdateAdmin\UpdateAdmin.exe /RUN
O4 - HKCU\..\Run: [NowUSeeIt Player] "C:\Program Files (x86)\NowUSeeItPlayer\NowUSeeItPlayer.exe" /autostart=1
O4 - HKCU\..\Run: [Chromium] "c:\users\pavilion\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [PasswordBoss] C:\Program Files (x86)\PasswordBoss\PasswordBoss.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Pavilion\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pavilion\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: AllPCoptimizer.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{2ed144c8-ef99-402e-87d7-8fcfa45cd0fc}: NameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5b447fc4-bb07-11e5-aeb0-806e6f6e6963}: NameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{932a3ca1-e4cc-4f12-810a-b5d9a4f2e6c0}: NameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{f1c5c097-c7f1-4f25-a6a0-4a6c47b249bf}: NameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{f7912289-cfbf-458c-b7f7-005fc5492d6e}: NameServer = 54.174.111.151,82.163.142.167
O17 - HKLM\System\CS1\Services\Tcpip\..\{2ed144c8-ef99-402e-87d7-8fcfa45cd0fc}: NameServer = 10.0.0.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - AppInit_DLLs: C:\ProgramData\TomorrowGames\STNPM32.dll C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
O23 - Service: 4A4D9D04-DA07-40F9-8670-5691287EE347 - Unknown owner - C:\Program Files\shopperz170220161305\Aluobo.exe
O23 - Service: 9873EEEC-E808-4DCE-a75B-B2F72DE2172F - Unknown owner - C:\Program Files\groover270120160530\Pegyax.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BrsHelper - Unknown owner - C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE
O23 - Service: D0BCFE49-6A64-41BC-9A5D-5479677F1BD1 - Unknown owner - C:\Program Files\shopperz260120162332\Guwpuegt.exe
O23 - Service: Dataup Service (Dataup) - Unknown owner - C:\Program Files (x86)\dataup\dataup.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @oem0.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lewry - Unknown owner - C:\Users\Pavilion\AppData\Roaming\BejmaDua\Zegbarvh.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotC United Inc - C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Obamtavw - Unknown owner - C:\Users\Pavilion\AppData\Roaming\ToqtudDoabje\Waymlhk.exe
O23 - Service: Password Boss Updater Service (PBUpdater) - Unknown owner - C:\Program Files (x86)\PasswordBoss\PBUpdater\PBUpdater.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service Mgr SearchWebKnow - Unknown owner - C:\ProgramData\219d5106-5a99-41fd-b942-db6b503b0178\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr SearchWebKnow - Unknown owner - C:\Program Files (x86)\Common Files\219d5106-5a99-41fd-b942-db6b503b0178\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VOTPrx - VentureOmni Technologies - C:\Users\Pavilion\AppData\Local\JumpstThun357\VOTPrx.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Windows Management Service (windowsmanagementservice) - Google Inc. - C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\Temp\20160203\ct.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13691 bytes