Jump to content

Browser redirecting to random sites when clicking on link


IbanezHomie
 Share

Recommended Posts

I'd say about 1 out of 5 times that I click on a link my browser will redirect me to a site such as livesearchnow. I ran Malwarebytes Anti-Malware but nothing came up. Here is my hijack this log:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 4:21:34 PM, on 9/27/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\PC Tools Security\pctsGui.exe

C:\Program Files (x86)\Internet Download Manager\IDMan.exe

C:\Users\Productive\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe

C:\Program Files (x86)\Guitar Pro 5\GP5.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Productive\Downloads\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O1 - Hosts: 188.119.151.113 www.google-analytics.com.

O1 - Hosts: 188.119.151.113 ad-emea.doubleclick.net.

O1 - Hosts: 188.119.151.113 www.statcounter.com.

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

O2 - BHO: Freecause Shopping BHO - {3A90A078-4BB9-4568-9557-CDEEFCAE68A0} - C:\Program Files (x86)\Shop to Win 22\Shop to Win 22.dll (file missing)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622001946.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Updater For XFIN_PORTAL - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [iDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

O4 - Startup: Dropbox.lnk = Productive\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files (x86)\Bodog Poker\BPGame.exe (file missing)

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: McAfee Application Installer Cleanup (0084831348721015) (0084831348721015mcinstcleanup) - Unknown owner - C:\windows\TEMP\008483~1.EXE (file missing)

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)

O23 - Service: Comcast AntiSpyware (AntiSpywareService) - Unknown owner - C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Pest Patrol Realtime Service (ITMRTSVC) - CA, Inc. - C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)

O23 - Service: McAfee Online Backup Service (MOBK755backup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe

O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe

 

--

End of file - 15754 bytes

Link to comment
Share on other sites

Hello IbanezHomie and welcome the Pit.

 

My name is Satchfan and I would be glad to help you with your computer problem.

 

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!
IMPORTANT:

 

Please DO NOT install/uninstall any programs unless asked to.

Please DO NOT run any scans other than those requested

 

I am looking at your log now and will reply with instructions shortly.

 

Satchfan

Link to comment
Share on other sites

Hello again

 

Run RogueKiller

 

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

 

Download RogueKiller to your desktop.

  • close all running programs
  • for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
  • when the prescan is finished, click on Scan
  • click on Report and copy/paste the content in your next post
  • NOTE: DO NOT attempt to remove anything that the scan detects.
If the program is blocked, continue to try it several times. If it still doesn’t work, (it could happen), rename it to winlogon.exe.

 

Please post the contents of the RKreport.txt in your next reply.

 

Satchfan

Link to comment
Share on other sites

Hey thanks for working with me on this Satchfan, I appreciate it. Here's the log:

 

RogueKiller V8.1.0 [09/28/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Drew [Admin rights]

Mode : Scan -- Date : 09/29/2012 16:26:37

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 10 ¤¤¤

[TASK][sUSP PATH] 988A : ?globalrootDeviceHarddiskVolume2UsersDrewAppDataLocalTemp988A.tmp -> FOUND

[TASK][sUSP PATH] winupd : C:UsersDrewAppDataLocalTemp:winupd.exe -> FOUND

[PROXY IE] HKCU[...]Internet Settings : ProxyServer (hxxp=127.0.0.1:53919) -> FOUND

[HJPOL] HKLM[...]System : DisableTaskMgr (0) -> FOUND

[HJPOL] HKLM[...]System : DisableRegistryTools (0) -> FOUND

[HJPOL] HKLM[...]Wow6432NodeSystem : DisableTaskMgr (0) -> FOUND

[HJPOL] HKLM[...]Wow6432NodeSystem : DisableRegistryTools (0) -> FOUND

[HJ SMENU] HKCU[...]Advanced : Start_TrackProgs (0) -> FOUND

[HJ DESK] HKLM[...]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM[...]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED] ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> C:windowssystem32driversetchosts

 

127.0.0.1 localhost

::1 localhost

188.119.151.113 www.google-analytics.com.

188.119.151.113 ad-emea.doubleclick.net.

188.119.151.113 www.statcounter.com.

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: TOSHIBA MK5065GSX ATA Device +++++

--- User ---

[MBR] 601eb653ac16d13dceaf1e50bf1ed95d

[bSP] f65927c1b1f1a54fc4ef12d3f6e01e88 : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 465087 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 955572224 | Size: 10352 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: HP External HDD USB Device +++++

--- User ---

[MBR] d9cce7c46c3f6942fc4b086ecb6f0b27

[bSP] d4b649fe109bc116ed317c9295eba9bb : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907058 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

 

Finished : << RKreport[1].txt >>

RKreport[1].txt

Link to comment
Share on other sites

Run RogueKiller

 

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

  • close all programs
  • double-click RogueKiller.exe - Windows 7: right-click the program and select Run as Administrator'
  • after it has completed it's prescan click on the “Registry” tab
  • make sure the entries there are checked, then click on Delete
  • once again in the RogueKiller console, click the “Hosts tab
  • make sure the entries there are checked if there is an option to do so
  • press the HostFix button.
You should have 2 RogueKiller RKreports to post:

 

1. Mode: Delete

2. Mode: HostFix

 

Satchfan

Link to comment
Share on other sites

Hi IbanezHomie

 

It has been several days since I replied to your request for help with your computer problems.

 

Please let me know if you are having problems and still need help.

 

Thanks

 

Satchfan

Link to comment
Share on other sites

Hey, sorry about that! I only see one RKreport and here it is:

 

RogueKiller V8.1.0 [09/28/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

 

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Drew [Admin rights]

Mode : HOSTSFix -- Date : 10/03/2012 16:55:58

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 0 ¤¤¤

 

¤¤¤ Driver : [NOT LOADED] ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> C:windowssystem32driversetchosts

 

127.0.0.1 localhost

::1 localhost

188.119.151.113 www.google-analytics.com.

188.119.151.113 ad-emea.doubleclick.net.

188.119.151.113 www.statcounter.com.

 

 

¤¤¤ Resetted HOSTS: ¤¤¤

 

 

Finished : << RKreport[6].txt >>

RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;

RKreport[6].txt

Link to comment
Share on other sites

OK, let’s have another look.

 

Download and run OTL

 

  • download OTL to your desktop.
  • double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • click Scan all users.
  • under Custom Scan paste this in

     

    netsvcs

    %SYSTEMDRIVE%\*.exe

    /md5start

    explorer.exe

    winlogon.exe

    Userinit.exe

    svchost.exe

    consrv.dll

    /md5stop

    %systemroot%\*. /rp /s

    DRIVES

    CREATERESTOREPOINT

  • click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won’t take long.
  • when the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
  • you may need two posts to fit them both in.
===================================================

 

Run aswMBR

  • download aswMBR.exe to your desktop.
  • double click the aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply
Logs to include with next post:

 

OTL.txt

Extras.txt

aswMBR log

 

Thanks

 

Satchfan

Link to comment
Share on other sites

You are doing nothing wrong - sometimes these tools don't work for different reasons.

 

Let's have a look trying other scans that may show me what is happening.

 

Run DDS

 

Please download DDS by sUBs from the following link and save it to your desktop.

 

DDS.pif

  • disable any script blocking protection (How to Disable your Security Programs)
  • double click DDS icon to run the tool (may take up to 3 minutes to run)
  • when done, DDS.txt will open.
  • after a few moments, attach.txt will open in a second window.
  • save both reports to your desktop.
  • Post the contents of the DDS.txt and Attach.txt reports in your next reply.
===================================================

 

Run aswMBR

  • download aswMBR.exe to your desktop.
  • double click aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply.
Please include the following in your next post :

 

DDS.txt

Attach.txt

aswMBR log

 

Thanks

 

Satchfan

Link to comment
Share on other sites

I'm having a hard time disabling McAfee. I've turned the firewall off, completely exited out of the program, and the results of the DDS scan still say that my firewall and antivirus stuff is still running. Should I just go ahead and post it anyways or is it completely necessary that everything is turned off?

Link to comment
Share on other sites

Hey, my computer keeps crashing during the aswMBR scan but here are the other two logs.

 

DDS.txt

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by Drew at 21:27:57 on 2012-10-10

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.1850 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:windowssystem32wininit.exe

C:windowssystem32lsm.exe

C:windowssystem32svchost.exe -k DcomLaunch

C:windowssystem32svchost.exe -k RPCSS

C:windowssystem32atiesrxx.exe

C:windowsSystem32svchost.exe -k LocalServiceNetworkRestricted

C:windowsSystem32svchost.exe -k LocalSystemNetworkRestricted

C:windowssystem32svchost.exe -k netsvcs

C:windowssystem32svchost.exe -k LocalService

C:windowssystem32svchost.exe -k NetworkService

C:windowsSystem32spoolsv.exe

C:Program FilesSUPERAntiSpywareSASCORE64.EXE

C:Program Files (x86)comcasttbComcastSpywareScanComcastAntiSpyService.exe

C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe

C:Program FilesBonjourmDNSResponder.exe

C:windowsSystem32svchost.exe -k LocalServiceNoNetwork

C:windowssystem32svchost.exe -k LocalServiceAndNoImpersonation

C:windowssystem32hasplms.exe

C:Program Files (x86)CAPPRTbinITMRTSVC.exe

C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe

C:windowssystem32mfevtps.exe

C:Program Files (x86)Norton PC CheckupEngine2.0.3.198ccSvcHst.exe

C:windowssystem32rundll32.exe

C:windowssystem32rundll32.exe

C:windowsSysWOW64rundll32.exe

C:Program Files (x86)PC Tools SecuritypctsAuxs.exe

C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe

C:windowssystem32ThpSrv.exe

C:Windowssystem32TODDSrv.exe

C:Program FilesTOSHIBAPower SaverTosCoSrv.exe

C:Program FilesTOSHIBATECOTecoService.exe

C:windowssystem32SearchIndexer.exe

C:Program Files (x86)WebrootWasherWasherSvc.exe

C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe

C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe

C:windowssystem32atieclxx.exe

C:Program Files (x86)PC Tools SecuritypctsSvc.exe

C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe

C:Program Files (x86)McAfee Online BackupMOBK755backup.exe

C:Program Files (x86)McAfee Online BackupMOBK755backup.exe

C:Program FilesWindows Media Playerwmpnetwk.exe

C:windowssystem32rundll32.exe

C:windowssystem32taskhost.exe

C:Program Files (x86)McAfee Online BackupMOBK755backup.exe

C:Program Files (x86)Norton PC CheckupEngine2.0.3.198ccSvcHst.exe

C:Program Files (x86)PC Tools SecuritypctsGui.exe

C:windowssystem32Dwm.exe

C:windowsExplorer.EXE

C:Program FilesRealtekAudioHDARAVCpl64.exe

C:Program FilesRealtekAudioHDARAVBg64.exe

C:Program FilesSynapticsSynTPSynTPEnh.exe

C:Program Files (x86)Internet Download ManagerIDMan.exe

C:UsersProductiveAppDataRoamingDropboxbinDropbox.exe

C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe

C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe

C:Program Files (x86)iTunesiTunesHelper.exe

C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

C:Program FilesSynapticsSynTPSynTPHelper.exe

C:Program FilesiPodbiniPodService.exe

C:Program Files (x86)Internet Download ManagerIEMonitor.exe

C:Program Files (x86)Mozilla Firefoxfirefox.exe

C:Program Files (x86)Mozilla Firefoxplugin-container.exe

C:windowsSysWOW64MacromedFlashFlashPlayerPlugin_11_4_402_287.exe

C:windowsSysWOW64MacromedFlashFlashPlayerPlugin_11_4_402_287.exe

c:PROGRA~1mcafee.comagentmcupdate.exe

C:Program FilesMcAfee.comAgentmcagent.exe

C:windowssystem32SearchProtocolHost.exe

C:windowssystem32SearchFilterHost.exe

C:windowsSysWOW64cmd.exe

C:windowssystem32conhost.exe

C:windowsSysWOW64cscript.exe

C:windowssystem32wbemwmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://vshare.toolbarhome.com/?hp=df

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = http=127.0.0.1:53919

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:PROGRA~2mcafeeSITEAD~1mcieplg.dll

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:progra~1mcafeemskmskapbho.dll

BHO: Shop to Win: {3a90a078-4bb9-4568-9557-cdeefcae68a0} - C:Program Files (x86)Shop to Win 22Shop to Win 22.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:Program Files (x86)Common FilesMcAfeeSystemCoreScriptSn.20120622001946.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:PROGRA~2mcafeeSITEAD~1mcieplg.dll

BHO: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:Program Files (x86)xfin_portalauxicomcastAu.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinjp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:Program Files (x86)TOSHIBATOSHIBA Media Controller Plug-inTOSHIBAMediaControllerIE.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:PROGRA~2mcafeeSITEAD~1mcieplg.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe

uRun: [ComcastAntispyClient] "C:Program Files (x86)comcasttbComcastSpywareScanComcastAntispy.exe" /hide

uRun: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe /onboot

mRun: [mcui_exe] "C:Program FilesMcAfee.comAgentmcagent.exe" /runkey

mRun: [sSBkgdUpdate] "C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] "C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe"

mRun: [indexSearch] "C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe"

mRun: [PPort11reminder] "C:Program Files (x86)ScanSoftPaperPortEregEreg.exe" -r "C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini"

mRun: [GrooveMonitor] "C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe"

mRun: [Malwarebytes' Anti-Malware] "C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe" /starttray

mRun: [iSTray] "C:Program Files (x86)PC Tools SecuritypctsGui.exe" /hideGUI

mRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm

IE: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm

IE: E&xport to Microsoft Excel - C:PROGRA~2MIF5BA~1Office12EXCEL.EXE/3000

IE: Google Sidewiki... - C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:Program Files (x86)Bodog PokerBPGame.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:PROGRA~2MIF5BA~1Office12ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:PROGRA~2MIF5BA~1Office12REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

TCP: Interfaces{A951ABE8-64A9-4875-9794-CBAE631DC447} : DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

TCP: Interfaces{A951ABE8-64A9-4875-9794-CBAE631DC447}334343 : DhcpNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces{A951ABE8-64A9-4875-9794-CBAE631DC447}445626269656 : DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces{A951ABE8-64A9-4875-9794-CBAE631DC447}C696E6B6379737 : DhcpNameServer = 65.32.5.111 65.32.5.112

TCP: Interfaces{A951ABE8-64A9-4875-9794-CBAE631DC447}E4544574541425 : DhcpNameServer = 192.168.0.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:PROGRA~2McAfeeMSCMcSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~2McAfeeSITEAD~1McIEPlg.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveSystemServices.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:PROGRA~2McAfeeSITEAD~1McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll

BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll

BHO-X64: IDM Helper - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:progra~1mcafeemskmskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: Shop to Win: {3A90A078-4BB9-4568-9557-CDEEFCAE68A0} - C:Program Files (x86)Shop to Win 22Shop to Win 22.dll

BHO-X64: Freecause Shopping BHO - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinssv.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program Files (x86)Common FilesMcAfeeSystemCoreScriptSn.20120622001946.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:PROGRA~2mcafeeSITEAD~1mcieplg.dll

BHO-X64: Updater For XFIN_PORTAL: {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:Program Files (x86)xfin_portalauxicomcastAu.dll

BHO-X64: Updater For XFIN_PORTAL - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinjp2ssv.dll

BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:Program Files (x86)TOSHIBATOSHIBA Media Controller Plug-inTOSHIBAMediaControllerIE.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:PROGRA~2mcafeeSITEAD~1mcieplg.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [mcui_exe] "C:Program FilesMcAfee.comAgentmcagent.exe" /runkey

mRun-x64: [sSBkgdUpdate] "C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe" -Embedding -boot

mRun-x64: [PaperPort PTD] "C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe"

mRun-x64: [indexSearch] "C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe"

mRun-x64: [PPort11reminder] "C:Program Files (x86)ScanSoftPaperPortEregEreg.exe" -r "C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini"

mRun-x64: [GrooveMonitor] "C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe" /starttray

mRun-x64: [iSTray] "C:Program Files (x86)PC Tools SecuritypctsGui.exe" /hideGUI

mRun-x64: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

mRun-x64: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:Program Files (x86)Common FilesJavaJava Updatejusched.exe"

IE-X64: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:Program Files (x86)Bodog PokerBPGame.exe

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:Program Files (x86)Microsoft OfficeOffice12GrooveShellExtensions.dll

Hosts: 188.119.151.113 www.google-analytics.com.

Hosts: 188.119.151.113 ad-emea.doubleclick.net.

Hosts: 188.119.151.113 www.statcounter.com.

.

================= FIREFOX ===================

.

FF - ProfilePath - C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.default

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://en.wikipedia.org/wiki/Electromagnetism

FF - plugin: c:progra~2mcafeemscnpMcSnFFPl.dll

FF - plugin: C:Program Files (x86)GoogleUpdate1.3.21.115npGoogleUpdate3.dll

FF - plugin: C:Program Files (x86)GoogleUpdate1.3.21.79npGoogleUpdate3.dll

FF - plugin: C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll

FF - plugin: C:Program Files (x86)McAfeeSiteAdvisorNPMcFFPlg32.dll

FF - plugin: c:Program Files (x86)Microsoft Silverlight4.1.10329.0npctrlui.dll

FF - plugin: C:Program Files (x86)Mozilla FirefoxpluginsnpdeployJava1.dll

FF - plugin: C:Program Files (x86)OracleJavaFX 2.1 Runtimebinplugin2npjp2.dll

FF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll

FF - plugin: C:windowsSysWOW64MacromedFlashNPSWF32_11_3_300_270.dll

FF - plugin: C:windowsSysWOW64npDeployJava1.dll

FF - plugin: C:windowsSysWOW64npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:windowssystem32driversmfehidk.sys --> C:windowssystem32driversmfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:windowssystem32driversmfewfpk.sys --> C:windowssystem32driversmfewfpk.sys [?]

R0 PCTCore;PCTools KDS;C:windowssystem32driversPCTCore64.sys --> C:windowssystem32driversPCTCore64.sys [?]

R0 pctDS;PC Tools Data Store;C:windowssystem32driverspctDS64.sys --> C:windowssystem32driverspctDS64.sys [?]

R0 pctEFA;PC Tools Extended File Attributes;C:windowssystem32driverspctEFA64.sys --> C:windowssystem32driverspctEFA64.sys [?]

R0 Thpdrv;TOSHIBA HDD Protection Driver;C:windowssystem32DRIVERSthpdrv.sys --> C:windowssystem32DRIVERSthpdrv.sys [?]

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:windowssystem32DRIVERSThpevm.SYS --> C:windowssystem32DRIVERSThpevm.SYS [?]

R0 tos_sps64;TOSHIBA tos_sps64 Service;C:windowssystem32DRIVERStos_sps64.sys --> C:windowssystem32DRIVERStos_sps64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:windowssystem32DRIVERSmfenlfk.sys --> C:windowssystem32DRIVERSmfenlfk.sys [?]

R1 MOBK755Filter;MOBK755Filter;C:windowssystem32DRIVERSMOBK755.sys --> C:windowssystem32DRIVERSMOBK755.sys [?]

R1 SASDIFSV;SASDIFSV;C:Program FilesSUPERAntiSpywaresasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:Program FilesSUPERAntiSpywaresaskutil64.sys [2010-2-17 12360]

R1 vwififlt;Virtual WiFi Filter Driver;C:windowssystem32DRIVERSvwififlt.sys --> C:windowssystem32DRIVERSvwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:Program FilesSUPERAntiSpywareSASCore64.exe [2010-6-7 125440]

R2 aksdf;aksdf;??C:windowssystem32driversaksdf.sys --> C:windowssystem32driversaksdf.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:windowssystem32atiesrxx.exe --> C:windowssystem32atiesrxx.exe [?]

R2 AntiSpywareService;Comcast AntiSpyware;C:Program Files (x86)comcasttbComcastSpywareScanComcastAntiSpyService.exe [2009-6-17 616408]

R2 hasplms;Sentinel HASP License Manager;C:windowssystem32hasplms.exe -run --> C:windowssystem32hasplms.exe -run [?]

R2 MBAMService;MBAMService;C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [2012-4-24 654408]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe [2012-1-10 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe [2012-1-10 249936]

R2 McProxy;McAfee Proxy Service;C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe [2012-1-10 249936]

R2 McShield;McAfee McShield;C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe [2011-1-9 199272]

R2 mfefire;McAfee Firewall Core Service;C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe [2011-1-9 210584]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:windowssystem32mfevtps.exe" --> C:windowssystem32mfevtps.exe [?]

R2 MOBK755backup;McAfee Online Backup Service;C:Program Files (x86)McAfee Online BackupMOBK755backup.exe [2010-9-20 207672]

R2 PCCUJobMgr;Common Client Job Manager Service;C:Program Files (x86)Norton PC CheckupEngine2.0.3.198ccSvcHst.exe [2010-9-8 126392]

R2 sdAuxService;PC Tools Auxiliary Service;C:Program Files (x86)PC Tools SecuritypctsAuxs.exe [2012-2-12 366840]

R2 sdCoreService;PC Tools Security Service;C:Program Files (x86)PC Tools SecuritypctsSvc.exe [2012-2-12 1150936]

R2 Skype C2C Service;Skype C2C Service;C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe [2012-8-13 3064000]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:Program FilesTOSHIBATECOTecoService.exe [2010-4-6 258928]

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:windowssystem32DRIVERSTVALZFL.sys --> C:windowssystem32DRIVERSTVALZFL.sys [?]

R2 wwEngineSvc;Window Washer Engine;C:Program Files (x86)WebrootWasherWasherSvc.exe [2011-6-13 598856]

R3 amdkmdag;amdkmdag;C:windowssystem32DRIVERSatikmdag.sys --> C:windowssystem32DRIVERSatikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:windowssystem32DRIVERSatikmpag.sys --> C:windowssystem32DRIVERSatikmpag.sys [?]

R3 appliandMP;appliandMP;C:windowssystem32DRIVERSappliand.sys --> C:windowssystem32DRIVERSappliand.sys [?]

R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:windowssystem32DRIVERSManyCam_x64.sys --> C:windowssystem32DRIVERSManyCam_x64.sys [?]

R3 MBAMProtector;MBAMProtector;??C:windowssystem32driversmbam.sys --> C:windowssystem32driversmbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:windowssystem32driversmfeavfk.sys --> C:windowssystem32driversmfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:windowssystem32driversmfefirek.sys --> C:windowssystem32driversmfefirek.sys [?]

R3 PGEffect;Pangu effect driver;C:windowssystem32DRIVERSpgeffect.sys --> C:windowssystem32DRIVERSpgeffect.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:windowssystem32DRIVERSRt64win7.sys --> C:windowssystem32DRIVERSRt64win7.sys [?]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:windowssystem32DRIVERSrtl8192se.sys --> C:windowssystem32DRIVERSrtl8192se.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:windowssystem32DRIVERSvwifimp.sys --> C:windowssystem32DRIVERSvwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-1-8 135664]

S2 IDMWFP;IDMWFP;C:windowssystem32DRIVERSidmwfp.sys --> C:windowssystem32DRIVERSidmwfp.sys [?]

S2 McMPFSvc;McAfee Personal Firewall Service;C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe [2012-1-10 249936]

S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-6-7 160944]

S3 acpials;ALS Sensor Filter;C:windowssystem32DRIVERSacpials.sys --> C:windowssystem32DRIVERSacpials.sys [?]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-4-3 250808]

S3 appliand;Applian Network Service;C:windowssystem32DRIVERSappliand.sys --> C:windowssystem32DRIVERSappliand.sys [?]

S3 cfwids;McAfee Inc. cfwids;C:windowssystem32driverscfwids.sys --> C:windowssystem32driverscfwids.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2011-1-8 135664]

S3 JMCR;JMCR;C:windowssystem32DRIVERSjmcr.sys --> C:windowssystem32DRIVERSjmcr.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:windowssystem32driversmferkdet.sys --> C:windowssystem32driversmferkdet.sys [?]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2012-4-24 113120]

S3 TMachInfo;TMachInfo;C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe [2010-9-8 51512]

S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe [2010-2-5 137560]

S3 TPCHSrv;TPCH Service;C:Program FilesTOSHIBATPHMTPCHSrv.exe [2010-3-31 835952]

S3 TsUsbFlt;TsUsbFlt;C:windowssystem32driverstsusbflt.sys --> C:windowssystem32driverstsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:windowssystem32Driversusbaapl64.sys --> C:windowssystem32Driversusbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:windowssystem32WatWatAdminSvc.exe --> C:windowssystem32WatWatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-10-09 22:34:44 1659760 ----a-w- C:windowsSystem32driversntfs.sys

2012-10-09 22:34:39 5559664 ----a-w- C:windowsSystem32ntoskrnl.exe

2012-10-09 22:34:36 3968880 ----a-w- C:windowsSysWow64ntkrnlpa.exe

2012-10-09 22:34:36 3914096 ----a-w- C:windowsSysWow64ntoskrnl.exe

2012-10-09 22:34:01 424448 ----a-w- C:windowsSystem32KernelBase.dll

2012-10-09 22:34:00 338432 ----a-w- C:windowsSystem32conhost.exe

2012-10-09 22:34:00 215040 ----a-w- C:windowsSystem32winsrv.dll

2012-10-09 22:32:23 220160 ----a-w- C:windowsSystem32wintrust.dll

2012-10-09 22:32:22 172544 ----a-w- C:windowsSysWow64wintrust.dll

2012-10-09 22:31:47 2048 ----a-w- C:windowsSysWow64tzres.dll

2012-10-09 22:31:47 2048 ----a-w- C:windowsSystem32tzres.dll

2012-10-09 22:30:57 715776 ----a-w- C:windowsSystem32kerberos.dll

2012-10-09 22:30:57 542208 ----a-w- C:windowsSysWow64kerberos.dll

2012-10-09 22:30:39 1464320 ----a-w- C:windowsSystem32crypt32.dll

2012-10-09 22:30:38 1159680 ----a-w- C:windowsSysWow64crypt32.dll

2012-10-09 22:30:37 184320 ----a-w- C:windowsSystem32cryptsvc.dll

2012-10-09 22:30:37 140288 ----a-w- C:windowsSystem32cryptnet.dll

2012-10-09 22:30:36 140288 ----a-w- C:windowsSysWow64cryptsvc.dll

2012-10-09 22:30:35 103936 ----a-w- C:windowsSysWow64cryptnet.dll

2012-10-04 22:30:51 1700352 ----a-w- C:windowsSysWow64gdiplus.dll

2012-10-04 22:30:16 -------- d-----w- C:Program Files (x86)ASIO4ALL v2

2012-10-04 22:29:49 1554944 ----a-w- C:windowsSysWow64vorbis.acm

2012-10-04 22:29:45 -------- d-----w- C:Program Files (x86)Outsim

2012-10-04 22:25:05 -------- d-----w- C:Program Files (x86)Image-Line

2012-10-04 21:38:41 -------- d-----w- C:Program FilesDigiTech

2012-10-04 21:38:36 -------- dc-h--w- C:ProgramData{F11320B2-B532-46FC-8CCD-8CF363BC83C6}

2012-10-04 21:38:26 -------- d-----w- C:UsersDrewAppDataLocalPackageAware

2012-09-25 19:12:40 245760 ----a-w- C:windowsSystem32OxpsConverter.exe

2012-09-25 18:37:09 -------- d-----w- C:Program Files (x86)Space International

2012-09-24 07:01:06 2382848 ----a-w- C:windowsSystem32mshtml.tlb

2012-09-24 07:01:05 2382848 ----a-w- C:windowsSysWow64mshtml.tlb

2012-09-24 07:01:01 420864 ----a-w- C:windowsSysWow64vbscript.dll

2012-09-24 07:01:01 174216 ----a-w- C:Program FilesInternet Explorersqmapi.dll

2012-09-24 07:01:01 140936 ----a-w- C:Program Files (x86)Internet Explorersqmapi.dll

2012-09-24 07:01:00 304640 ----a-w- C:Program FilesInternet ExplorerIEShims.dll

2012-09-24 07:01:00 194048 ----a-w- C:Program Files (x86)Internet ExplorerIEShims.dll

2012-09-12 16:43:32 950128 ----a-w- C:windowsSystem32driversndis.sys

2012-09-12 16:43:31 41472 ----a-w- C:windowsSystem32driversRNDISMP.sys

2012-09-12 16:43:28 574464 ----a-w- C:windowsSystem32d3d10level9.dll

2012-09-12 16:43:28 490496 ----a-w- C:windowsSysWow64d3d10level9.dll

2012-09-12 16:43:25 1913200 ----a-w- C:windowsSystem32driverstcpip.sys

2012-09-12 16:43:24 376688 ----a-w- C:windowsSystem32driversnetio.sys

2012-09-12 16:43:24 288624 ----a-w- C:windowsSystem32driversFWPKCLNT.SYS

.

==================== Find3M ====================

.

2012-10-09 03:19:12 73656 ----a-w- C:windowsSysWow64FlashPlayerCPLApp.cpl

2012-10-09 03:19:12 696760 ----a-w- C:windowsSysWow64FlashPlayerApp.exe

2012-08-24 10:31:32 2312704 ----a-w- C:windowsSystem32jscript9.dll

2012-08-24 10:21:18 1392128 ----a-w- C:windowsSystem32wininet.dll

2012-08-24 10:20:11 1494528 ----a-w- C:windowsSystem32inetcpl.cpl

2012-08-24 10:14:45 173056 ----a-w- C:windowsSystem32ieUnatt.exe

2012-08-24 10:13:29 599040 ----a-w- C:windowsSystem32vbscript.dll

2012-08-24 06:59:17 1800704 ----a-w- C:windowsSysWow64jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- C:windowsSysWow64wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- C:windowsSysWow64inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- C:windowsSysWow64ieUnatt.exe

2012-08-20 18:48:44 362496 ----a-w- C:windowsSystem32wow64win.dll

2012-08-20 18:48:44 243200 ----a-w- C:windowsSystem32wow64.dll

2012-08-20 18:48:44 13312 ----a-w- C:windowsSystem32wow64cpu.dll

2012-08-20 18:48:37 16384 ----a-w- C:windowsSystem32ntvdm64.dll

2012-08-20 17:40:21 14336 ----a-w- C:windowsSysWow64ntvdm64.dll

2012-08-20 17:38:44 44032 ----a-w- C:windowsapppatchacwow64.dll

2012-08-20 17:38:26 25600 ----a-w- C:windowsSysWow64setup16.exe

2012-08-20 17:37:19 5120 ----a-w- C:windowsSysWow64wow32.dll

2012-08-20 17:37:18 274944 ----a-w- C:windowsSysWow64KernelBase.dll

2012-08-20 15:38:21 7680 ----a-w- C:windowsSysWow64instnm.exe

2012-08-20 15:38:20 2048 ----a-w- C:windowsSysWow64user.exe

2012-08-20 15:33:28 6144 ---ha-w- C:windowsSysWow64api-ms-win-security-base-l1-1-0.dll

2012-08-20 15:33:28 4608 ---ha-w- C:windowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 15:33:28 3584 ---ha-w- C:windowsSysWow64api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 15:33:28 3072 ---ha-w- C:windowsSysWow64api-ms-win-core-util-l1-1-0.dll

2012-07-18 18:15:06 3148800 ----a-w- C:windowsSystem32win32k.sys

.

============= FINISH: 21:29:29.58 ===============

 

 

Attach.txt

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: DeviceHarddiskVolume1

Install Date: 1/8/2011 11:10:35 AM

System Uptime: 10/10/2012 7:38:56 AM (14 hours ago)

.

Motherboard: TOSHIBA | | NWQAE

Processor: AMD Phenom II P920 Quad-Core Processor | Socket M2/S1G1 | 1600/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 454 GiB total, 67.382 GiB free.

D: is CDROM (CDFS)

E: is CDROM (CDFS)

F: is FIXED (NTFS) - 1862 GiB total, 49.506 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

µTorrent

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.3

AIM for Windows

Anki

Apple Application Support

Apple Software Update

ASIO4ALL

Bejeweled 2 Deluxe

CA Pest Patrol Realtime Protection

calibre

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

Compatibility Pack for the 2007 Office system

DigiTech GNX4 Drivers

EasyKeytec (Å°º¸µå º¸¾È ÇÁ·Î±×·¥)

Escape Rosecliff Island

EZdrummer

EZXDfh

FATE - The Traitor Soul

FL Studio 10

Google Update Helper

Guitar Pro 5.2

IL Download Manager

Internet Download Manager

Java Auto Updater

Java 6 Update 26

Java 7 Update 5

JavaFX 2.1.1

Jewel Quest 3

JMicron Flash Media Controller Driver

Junk Mail filter update

Label@Once 1.0

Malwarebytes Anti-Malware version 1.61.0.1400

ManyCam 2.6.60 (remove only)

McAfee Internet Security

McAfee Online Backup

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mobipocket Creator 4.2

Mozilla Firefox 14.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Native Instruments Guitar Rig 3

Native Instruments Service Center

Octoshape add-in for Adobe Flash Player

Penguins!

Polar Bowler

Pro Tracks Plus 2.2

Quickbooks Financial Center

QuickTime

Realtek Ethernet Controller Driver For Windows 7

Realtek HDMI Audio Driver for ATI

Realtek High Definition Audio Driver

Realtek WLAN Driver

Replay Media Catcher 4 (4.3.2)

ScanSoft PaperPort 11

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition

Skype Click to Call

Skype Launcher

Skype™ 5.10

SONAR 8.0 Producer Edition

SONAR 8.5 Producer x64

Spyware Doctor 8.0

Tassman DXi SE 2.0

TOSHIBA Application Installer

TOSHIBA Assist

TOSHIBA Bulletin Board

TOSHIBA DVD PLAYER

TOSHIBA eco Utility

TOSHIBA Face Recognition

TOSHIBA Flash Cards Support Utility

TOSHIBA Hardware Setup

TOSHIBA HDD/SSD Alert

Toshiba Laptop Checkup

TOSHIBA Media Controller

TOSHIBA Media Controller Plug-in

Toshiba Online Backup

TOSHIBA Quality Application

TOSHIBA ReelTime

TOSHIBA Service Station

TOSHIBA Sleep Utility

TOSHIBA Supervisor Password

TOSHIBA Value Added Package

TOSHIBA Web Camera Application

ToshibaRegistration

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Utility Common Driver

Virtual Families

Virtual Villagers - The Secret City

VLC media player 2.0.2

VLC Setup Helper

VLC Streamer 1.28

WildTangent Games

WildTangent ORB Game Console

Window Washer

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

WinRAR 4.01 (32-bit)

WinZip 15.0

Zuma's Revenge

.

==== Event Viewer Messages From Past Week ========

.

10/9/2012 4:23:36 AM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=32) while initializing logging resources for channel Microsoft-Windows-LanguagePackSetup/Operational.

10/9/2012 4:08:05 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {9C0BA3C1-2B67-45EB-BF69-BED9658D28D2} as /. The error: "740" Happened while starting this command: C:PROGRA~2COMMON~1INSTAL~1Driver10INTEL3~1IDriver.exe -Embedding

10/9/2012 3:47:58 PM, Error: Disk [11] - The driver detected a controller error on DeviceHarddisk1DR1.

10/9/2012 2:06:24 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000004a (0x0000000076f1166a, 0x0000000000000002, 0x0000000000000000, 0xfffff8800a969ca0). A dump was saved in: C:windowsMEMORY.DMP. Report Id: .

10/9/2012 11:37:06 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

10/7/2012 9:53:36 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

10/7/2012 9:53:36 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.

10/7/2012 9:52:30 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000ce (0xfffff88001af9577, 0x0000000000000008, 0xfffff88001af9577, 0x0000000000000000). A dump was saved in: C:windowsMEMORY.DMP. Report Id: 100712-63008-01.

10/7/2012 12:35:33 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8004f86a10, 0xfffff80000b9c518, 0xfffffa80045ba010). A dump was saved in: C:windowsMEMORY.DMP. Report Id: 100712-37877-01.

10/7/2012 10:59:37 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

10/5/2012 7:59:06 PM, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).

10/5/2012 2:29:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8004fafa10, 0xfffff80000b9c518, 0xfffffa8013661b80). A dump was saved in: C:windowsMEMORY.DMP. Report Id: 100512-29936-01.

10/4/2012 2:37:39 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000ce (0xfffff88001bac577, 0x0000000000000008, 0xfffff88001bac577, 0x0000000000000000). A dump was saved in: C:windowsMEMORY.DMP. Report Id: 100412-42432-01.

10/4/2012 2:25:49 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000ce (0xfffff88001b8c577, 0x0000000000000008, 0xfffff88001b8c577, 0x0000000000000000). A dump was saved in: C:windowsMEMORY.DMP. Report Id: 100412-37424-01.

10/4/2012 12:27:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.

10/3/2012 8:35:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc500029f8, 0xffffffffc000000e, 0x000000008ee33880, 0xfffff8a00053f000). A dump was saved in: C:windowsMEMORY.DMP. Report Id: 100312-38859-01.

10/10/2012 3:44:03 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume TI105859W0G.

10/10/2012 3:43:17 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

10/10/2012 3:16:21 AM, Error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/10/2012 3:16:21 AM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-Known Folders API Service.

10/10/2012 3:16:13 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the PC Tools Security Service service to connect.

10/10/2012 3:15:43 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

10/10/2012 3:15:43 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

10/10/2012 3:15:39 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

10/10/2012 3:10:55 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

10/10/2012 3:10:55 AM, Error: Service Control Manager [7000] - The Volume Shadow Copy service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/10/2012 3:01:11 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}

10/10/2012 2:42:59 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1005] - Unable to produce a minidump file from the full dump file.

10/10/2012 2:42:59 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000019 (0x0000000000000003, 0xfffffa8003f5e680, 0x0000001ba2022068, 0xfffffa8003f5e680). A dump was saved in: C:windowsMEMORY.DMP. Report Id: .

10/10/2012 12:41:42 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

10/10/2012 12:41:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

.

==== End Of File ===========================

Link to comment
Share on other sites

Thanks for the logs.

 

You have a proxy server which is causing some of the problems so we’ll fix that with RogueKiller first and when you’ve followed the steps here I’ll need you to run another scan so that we can clear up the rest.

 

I’m also surprised that you are not having more problems because you are running many conflicting programs. This is likely also why aswMBR wouldn't run.

 

CA Pest Patrol Realtime is a component of the Comcast Antispy Toolbar and can cause conflicts and shutdown errors. It can also conflict with Norton products as it also runs real time, so you if you keep Norton, it is unwise to keep this as an additional scanner.

 

Running multiple antivirus programs

 

You can not run two real-time antiviruses at the same time. Although many have different methods of searching for and recognising threats, they will all be 'fighting' in memory to kick each other out, rendering them all ineffective.

 

Uninstall either Norton or McAfee .

 

===================================================

 

Firewall

 

Whichever antivirus you keep, they both have firewalls ehich means that you will need to make sure that Windows firewall is disabled.

 

Disable Windows firewall:

  • click on Start, Control Pane, Windows Firewall
  • on the left, click on Turn Windows Firewall on or off
  • click Turn off Windows Firewall (not recommended) and then click OK
===================================================

 

P2P - I see you have P2P software, (uTorrent ), installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infection. If your computer is infected, it almost certainly contributed to your current situation.

 

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are more often than not, infected. The bad guys use P2P file-sharing as a major conduit to spread their wares.

 

Please see this topic for more information:

 

Perils of P2P File Sharing.

 

I would strongly recommend that you uninstall it now.

 

Should you decide to keep it, please don’t use it until we have finished up here.

 

===================================================

 

Run RogueKiller

  • close all programs
  • double-click RogueKiller.exe - Windows 7: right-click the program and select Run as Administrator'
  • after it has completed it's prescan click on the “Proxy” tab
  • make sure the entries there are checked, then click on Fix Proxy button
Please send the log that is produced and let me know when you have finished these steps.

 

Satchfan

Link to comment
Share on other sites

Hey, I'm having some more issues. First off, I can't find any Norton software on my computer. I did a search on my C drive for "norton" and the only thing that came up was the log that I posted earlier which said that Norton was enabled. I don't want to uninstall McAfee because my subscription is still active. Secondly, when I go to control panel to change my firewall settings I click on 'Turn windows firewall on or off' and the only option from there is clicking on 'Use recommended settings'. Unfortunately, when I click on that I get a popup saying "Windows firewall can't change some of your settings. Error code 0x80070424'. Thanks for your help and sorry that this is getting complicated.

Link to comment
Share on other sites

sorry that this is getting complicated.

These things usually are so don’t worry, we’ll sort it.

 

I’d like you to run a different scan so that we can look from a different perspective.

 

Download and run OTL

  • download OTL to your desktop.
  • double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • click Scan all users.
  • under Custom Scan paste this in

     

    netsvcs

    %SYSTEMDRIVE%\*.exe

    /md5start

    explorer.exe

    winlogon.exe

    Userinit.exe

    svchost.exe

    services.exe

    /md5stop

    %systemroot%\*. /rp /s

    DRIVES

    CREATERESTOREPOINT

  • click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won’t take long.
  • when the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
Logs to include with next post:

 

OTL.txt

Extras.txt

 

Thanks

 

Satchfan

Link to comment
Share on other sites

For some reason I didn't get an extras file but I found one from 9 days ago so I'm guessing it will have most of the same info as a current log would

 

OTL.txt

 

OTL logfile created on: 10/13/2012 9:13:29 AM - Run 3

OTL by OldTimer - Version 3.2.70.2 Folder = C:UsersProductiveDesktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

3.75 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 63.05% Memory free

7.49 Gb Paging File | 5.61 Gb Available in Paging File | 74.91% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 454.19 Gb Total Space | 59.69 Gb Free Space | 13.14% Space Free | Partition Type: NTFS

Drive D: | 28.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive E: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 1862.36 Gb Total Space | 49.51 Gb Free Space | 2.66% Space Free | Partition Type: NTFS

 

Computer Name: DREW-PC | User Name: Drew | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - File not found --

PRC - [2012/10/04 21:32:17 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:UsersProductiveDesktopOTL(1).exe

PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe

PRC - [2012/07/24 22:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:UsersProductiveAppDataRoamingDropboxbinDropbox.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe

PRC - [2011/04/25 11:30:52 | 003,298,712 | ---- | M] (Tonec Inc.) -- C:Program Files (x86)Internet Download ManagerIDMan.exe

PRC - [2011/01/13 16:17:26 | 001,589,208 | ---- | M] (PC Tools) -- C:Program Files (x86)PC Tools SecuritypctsGui.exe

PRC - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:Program Files (x86)PC Tools SecuritypctsSvc.exe

PRC - [2010/05/25 10:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:Program Files (x86)Internet Download ManagerIEMonitor.exe

PRC - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:Program Files (x86)PC Tools SecuritypctsAuxs.exe

PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:Program Files (x86)comcasttbComcastSpywareScanComcastAntiSpyService.exe

PRC - [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) -- C:Program Files (x86)WebrootWasherWasherSvc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:Program Files (x86)Common FilesAppleApple Application Supportzlib1.dll

MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:Program Files (x86)Common FilesAppleApple Application Supportlibxml2.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2012/08/23 11:57:48 | 000,502,064 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:Program FilesMcAfeeVirusScanmcods.exe -- (McODS)

SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:WindowsSysNativemfevtps.exe -- (mfevtp)

SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe -- (mfefire)

SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe -- (McShield)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (MSK80Service)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McProxy)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McNASvc)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McAfee SiteAdvisor Service)

SRV:64bit: - [2010/06/07 13:02:48 | 000,125,440 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:Program FilesSUPERAntiSpywareSASCore64.exe -- (!SASCORE)

SRV:64bit: - [2010/05/12 15:17:04 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:Program FilesTOSHIBAPower SaverTosCoSrv.exe -- (TosCoSrv)

SRV:64bit: - [2010/04/27 01:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:WindowsSysNativeatiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/04/06 17:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:Program FilesTOSHIBATECOTecoService.exe -- (TOSHIBA eco Utility Service)

SRV:64bit: - [2010/03/31 17:43:38 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:Program FilesTOSHIBATPHMTPCHSrv.exe -- (TPCHSrv)

SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV:64bit: - [2009/12/16 16:44:44 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:WindowsSysNativehasplms.exe -- (hasplms)

SRV:64bit: - [2009/10/21 12:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:WindowsSysNativeThpSrv.exe -- (Thpsrv)

SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:WindowsSysNativeTODDSrv.exe -- (TODDSrv)

SRV - [2012/10/08 23:19:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/09/04 12:07:30 | 000,828,032 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:WindowsTemp0059581350094949mcinst.exe -- (0059581350094949mcinstcleanup)

SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe -- (Skype C2C Service)

SRV - [2012/08/02 11:43:49 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:Program Files (x86)SkypeUpdaterUpdater.exe -- (SkypeUpdate)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe -- (MBAMService)

SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:Program Files (x86)PC Tools SecuritypctsSvc.exe -- (sdCoreService)

SRV - [2010/09/20 04:27:20 | 000,207,672 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program Files (x86)McAfee Online BackupMOBK755backup.exe -- (MOBK755backup)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:Program Files (x86)PC Tools SecuritypctsAuxs.exe -- (sdAuxService)

SRV - [2009/12/03 22:30:18 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:Program Files (x86)TOSHIBA GamesTOSHIBA Game ConsoleGameConsoleService.exe -- (GameConsoleService)

SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe -- (TMachInfo)

SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:Program Files (x86)comcasttbComcastSpywareScanComcastAntiSpyService.exe -- (AntiSpywareService)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:Program Files (x86)WebrootWasherWasherSvc.exe -- (wwEngineSvc)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:WindowsSysNativedriversmbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:windowsSysNativedriversfs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversmfehidk.sys -- (mfehidk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmfefirek.sys -- (mfefirek)

DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversmfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversmferkdet.sys -- (mferkdet)

DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:WindowsSysNativedriversmfenlfk.sys -- (mfenlfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverscfwids.sys -- (cfwids)

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversusbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/03/28 13:46:40 | 000,146,568 | ---- | M] (Tonec Inc.) [Kernel | Auto | Stopped] -- C:WindowsSysNativedriversidmwfp.sys -- (IDMWFP)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WindowsSysNativedriversamdxata.sys -- (amdxata)

DRV:64bit: - [2010/12/10 14:24:50 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:WindowsSysNativedriversPCTCore64.sys -- (PCTCore)

DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversHpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversTsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverssdbus.sys -- (sdbus)

DRV:64bit: - [2010/09/20 04:27:12 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:WindowsSysNativedriversMOBK755.sys -- (MOBK755Filter)

DRV:64bit: - [2010/07/16 15:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:WindowsSysNativedriverspctEFA64.sys -- (pctEFA)

DRV:64bit: - [2010/06/29 11:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:WindowsSysNativedriverspctDS64.sys -- (pctDS)

DRV:64bit: - [2010/05/24 23:07:56 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversRtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010/05/18 19:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversjmcr.sys -- (JMCR)

DRV:64bit: - [2010/04/27 07:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversatikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/04/27 04:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversrtl8192se.sys -- (rtl8192se)

DRV:64bit: - [2010/04/27 01:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversatikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversSynTP.sys -- (SynTP)

DRV:64bit: - [2010/03/05 20:15:14 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriverstos_sps64.sys -- (tos_sps64)

DRV:64bit: - [2010/03/05 00:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversRt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywaresasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywaresaskutil64.sys -- (SASKUTIL)

DRV:64bit: - [2009/09/21 08:07:26 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:WindowsSysNativedriversaksdf.sys -- (aksdf)

DRV:64bit: - [2009/08/20 07:02:06 | 000,130,816 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:WindowsSysNativedriversaksfridge.sys -- (aksfridge)

DRV:64bit: - [2009/07/31 00:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversLPCFilter.sys -- (LPCFilter)

DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriverstdcmdpst.sys -- (tdcmdpst)

DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversTVALZ_O.SYS -- (TVALZ)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverslsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversstexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversserscan.sys -- (StillCam)

DRV:64bit: - [2009/07/13 20:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversacpials.sys -- (acpials)

DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversThpevm.sys -- (Thpevm)

DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversthpdrv.sys -- (Thpdrv)

DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversPGEffect.sys -- (PGEffect)

DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:WindowsSysNativedriversTVALZFL.sys -- (TVALZFL)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversevbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversbxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversb57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversGEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/05 13:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversAtiPcie.sys -- (AtiPcie)

DRV:64bit: - [2009/03/13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:WindowsSysNativedrivershardlock.sys -- (hardlock)

DRV:64bit: - [2008/03/13 03:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversManyCam_x64.sys -- (ManyCam)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:WindowsSysWOW64driverswimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM..SearchScopes,DefaultScope = {65731C11-4645-4A39-A31A-B61E121B0AB2}

IE:64bit: - HKLM..SearchScopes{65731C11-4645-4A39-A31A-B61E121B0AB2}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKLM..SearchScopes,DefaultScope = {2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}

IE - HKLM..SearchScopes{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

 

 

IE - HKU.DEFAULT..SearchScopes,DefaultScope = {2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}

IE - HKU.DEFAULT..SearchScopes{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}

IE - HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

IE - HKUS-1-5-18..SearchScopes,DefaultScope = {2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}

IE - HKUS-1-5-18..SearchScopes{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}

IE - HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

 

 

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMain,SearchDefaultBranded = 1

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://vshare.toolbarhome.com/?hp=df

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..SearchScopes,DefaultScope = {D268B9A5-25E2-4497-AEDB-3B91AA9A0965}

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..SearchScopes{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..SearchScopes{9EF0872E-A246-479F-AFE5-C082724A9C70}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102868&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=5I&apn_dtid=YYYYYYYYUS&apn_uid=1638353d-7c4c-4125-8a99-ab890529aaed&apn_sauid=14043211-4C2F-4006-BA2D-1379D68BFCEC&

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..SearchScopes{D268B9A5-25E2-4497-AEDB-3B91AA9A0965}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS413

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyServer" = http=127.0.0.1:53919

 

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com/ig?brand=TSNA&bmod=TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftInternet ExplorerMain,SearchDefaultBranded = 1

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com/ig?brand=TSNA&bmod=TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003..URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003..SearchScopes,DefaultScope = {0F9954BD-E365-4390-8680-080EB6BDCC33}

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003..SearchScopes{0F9954BD-E365-4390-8680-080EB6BDCC33}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003..SearchScopes{C5FFF4A5-34D3-4A6F-B40E-E928235FFAE8}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://en.wikipedia.org/wiki/Electromagnetism"

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1

FF - user.js - File not found

 

FF:64bit: - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowssystem32MacromedFlashNPSWF64_11_4_402_287.dll File not found

FF:64bit: - HKLMSoftwareMozillaPlugins@mcafee.com/MSC,version=10: c:PROGRA~1mcafeemscNPMCSN~1.DLL ()

FF:64bit: - HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowsSysWOW64MacromedFlashNPSWF32_11_4_402_287.dll ()

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.5.1: C:windowsSysWOW64npDeployJava1.dll (Oracle Corporation)

FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.5.1: C:Program Files (x86)OracleJavaFX 2.1 Runtimebinplugin2npjp2.dll (Oracle Corporation)

FF - HKLMSoftwareMozillaPlugins@mcafee.com/MSC,version=10: c:progra~2mcafeemscnpmcsn~1.dll ()

FF - HKLMSoftwareMozillaPlugins@mcafee.com/SAFFPlugin: C:Program Files (x86)McAfeeSiteAdvisornpmcffplg32.dll (McAfee, Inc.)

FF - HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found

FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.1.10329.0npctrl.dll ( Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=14.0.8081.0709: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@spaceinter.com/EZKeytecPlugin: C:Program Files (x86)Space InternationalEasykeytec v2.0npEZKeytecPlugin.dll (Space International, Inc. )

FF - HKLMSoftwareMozillaPlugins@spaceinter.com/EZKeytecPlugins: C:Program Files (x86)Space InternationalEasykeytec v2.0npEZKeytecPlugins.dll (Space International, Inc. )

FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program Files (x86)GoogleUpdate1.3.21.123npGoogleUpdate3.dll (Google Inc.)

FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program Files (x86)GoogleUpdate1.3.21.123npGoogleUpdate3.dll (Google Inc.)

FF - HKLMSoftwareMozillaPlugins@videolan.org/vlc,version=2.0.2: C:Program Files (x86)VideoLANVLCnpvlc.dll (VideoLAN)

 

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:Program Files (x86)McAfeeSiteAdvisor [2012/05/13 01:08:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:Program Files (x86)Common FilesMcAfeeSystemCore [2012/06/22 01:22:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 14.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/08/02 11:43:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 14.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2012/08/26 00:19:27 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensionsmozilla_cc@internetdownloadmanager.com: C:UsersDrewAppDataRoamingIDMidmmzcc3 [2011/05/10 20:45:16 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaMozilla Firefox 13.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/08/02 11:43:50 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaMozilla Firefox 13.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2012/08/26 00:19:27 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaSeaMonkeyExtensionsmozilla_cc@internetdownloadmanager.com: C:UsersDrewAppDataRoamingIDMidmmzcc3 [2011/05/10 20:45:16 | 000,000,000 | ---D | M]

 

[2011/01/08 16:17:58 | 000,000,000 | ---D | M] (No name found) -- C:UsersDrewAppDataRoamingMozillaExtensions

[2012/07/25 09:16:39 | 000,000,000 | ---D | M] (No name found) -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultextensions

[2011/07/07 23:25:27 | 000,031,748 | ---- | M] () (No name found) -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultextensionswebmaster@keep-tube.com.xpi

[2012/07/25 09:16:39 | 000,741,958 | ---- | M] () (No name found) -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultextensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/10/27 11:41:16 | 000,002,577 | ---- | M] () -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultsearchpluginsaskcom.xml

[2011/03/19 21:29:40 | 000,001,583 | ---- | M] () -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultsearchpluginsweb-search.xml

[2012/06/28 02:02:08 | 000,000,000 | ---D | M] (No name found) -- C:Program Files (x86)Mozilla Firefoxextensions

[2012/08/23 13:44:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:Program Files (x86)Mozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/08/02 11:43:49 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:Program Files (x86)mozilla firefoxcomponentsbrowsercomps.dll

[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:Program Files (x86)mozilla firefoxcomponentsScriptff.dll

[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Files (x86)mozilla firefoxpluginsnpdeployJava1.dll

[2012/06/17 17:31:35 | 000,002,252 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsbing.xml

[2011/10/09 12:01:19 | 000,002,024 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsMcSiteAdvisor.xml

[2012/06/17 17:31:35 | 000,002,040 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginstwitter.xml

 

O1 HOSTS File: ([2012/01/18 22:14:35 | 000,001,401 | RHS- | M]) - C:WindowsSysNativedriversetchosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 188.119.151.113 www.google-analytics.com.

O1 - Hosts: 188.119.151.113 ad-emea.doubleclick.net.

O1 - Hosts: 188.119.151.113 www.statcounter.com.

O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll (Internet Download Manager, Tonec Inc.)

O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:PROGRA~1mcafeemskMSKAPB~1.DLL File not found

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesCommon FilesMcAfeeSystemCoreScriptSn.20120622001946.dll (McAfee, Inc.)

O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll (Skype Technologies S.A.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll (Internet Download Manager, Tonec Inc.)

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:Program FilesMcAfeeMSKmskapbho.dll ()

O2 - BHO: (Shop to Win) - {3A90A078-4BB9-4568-9557-CDEEFCAE68A0} - C:Program Files (x86)Shop to Win 22Shop to Win 22.dll File not found

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinssv.dll (Oracle Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program Files (x86)Common FilesMcAfeeSystemCoreScriptSn.20120622001946.dll (McAfee, Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:Program Files (x86)xfin_portalauxicomcastAu.dll File not found

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinjp2ssv.dll (Oracle Corporation)

O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:Program Files (x86)TOSHIBATOSHIBA Media Controller Plug-inTOSHIBAMediaControllerIE.dll (<TOSHIBA>)

O3:64bit: - HKLM..Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM..Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM..Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..ToolbarWebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..ToolbarWebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4:64bit: - HKLM..Run: [] File not found

O4:64bit: - HKLM..Run: [RtHDVBg] C:Program FilesRealtekAudioHDARAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..Run: [APSDaemon] C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc.)

O4 - HKLM..Run: [iSTray] C:Program Files (x86)PC Tools SecuritypctsGui.exe (PC Tools)

O4 - HKLM..Run: [Malwarebytes' Anti-Malware] C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe (Malwarebytes Corporation)

O4 - HKLM..Run: [mcui_exe] C:Program FilesMcAfee.comAgentmcagent.exe (McAfee, Inc.)

O4 - HKUS-1-5-19..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-20..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..Run: [ComcastAntispyClient] C:Program Files (x86)comcasttbComcastSpywareScanComcastAntispy.exe ()

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..Run: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe (Tonec Inc.)

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1003..Run: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe (Tonec Inc.)

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1003..Run: [NortonOnlineBackupReminder] C:Program Files (x86)TOSHIBAToshiba Online BackupActivationTobuActivation.exe (Toshiba)

O4 - HKUS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found

O4 - HKUS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found

O4 - Startup: C:UsersProductiveAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupDropbox.lnk = File not found

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoControlPanel = 0

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: PromptOnSecureDesktop = 0

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HideSCAHealth = 1

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: LogonHoursAction = 2

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DontDisplayLogonHoursWarnings = 1

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: LogonHoursAction = 2

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm ()

O8:64bit: - Extra context menu item: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm ()

O8 - Extra context menu item: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm ()

O8 - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found

O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:Program Files (x86)Bodog PokerBPGame.exe File not found

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000005 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000005 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)

O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{A951ABE8-64A9-4875-9794-CBAE631DC447}: DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

O18:64bit: - ProtocolHandlerdssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O18:64bit: - ProtocolHandlergrooveLocalGWS - No CLSID value found

O18:64bit: - ProtocolHandlerlivecall - No CLSID value found

O18:64bit: - ProtocolHandlerms-help - No CLSID value found

O18:64bit: - ProtocolHandlerms-itss - No CLSID value found

O18:64bit: - ProtocolHandlermsnim - No CLSID value found

O18:64bit: - ProtocolHandlersacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O18:64bit: - ProtocolHandlerskype4com - No CLSID value found

O18:64bit: - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - ProtocolHandlerwlmailhtml - No CLSID value found

O18 - ProtocolHandlerdssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O18 - ProtocolHandlersacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)

O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - ProtocolFilterapplication/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:Program FilesMcAfeeMSCMcSnIePl64.dll (McAfee, Inc.)

O18 - ProtocolFilterapplication/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:Program Files (x86)McAfeeMSCMcSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:windowsexplorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysNativeuserinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:windowsSysWow64explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:windowsSysWow64userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2003/04/16 05:35:26 | 000,010,134 | R--- | M] () - D:autorun.ico -- [ CDFS ]

O32 - AutoRun File - [2003/04/23 09:52:45 | 000,000,052 | R--- | M] () - D:autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2009/06/12 17:56:58 | 000,000,030 | RH-- | M] () - E:autorun.inf -- [ CDFS ]

O33 - MountPoints2{7aaf447b-1b5a-11e0-8183-88ae1d5a2032}Shell - "" = AutoRun

O33 - MountPoints2{7aaf447b-1b5a-11e0-8183-88ae1d5a2032}ShellAutoRuncommand - "" = E:HPLauncher.exe -- [2009/05/18 13:46:50 | 000,565,248 | R--- | M] ()

O33 - MountPoints2{cbf1125e-1ead-11e0-91d7-806e6f6e6963}Shell - "" = AutoRun

O33 - MountPoints2{cbf1125e-1ead-11e0-91d7-806e6f6e6963}ShellAutoRuncommand - "" = D:InstMenu.exe -- [2004/05/13 11:50:07 | 000,634,880 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O35 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKUS-1-5-21-2060765680-1826480785-136355512-1000...exe [@ = exefile] -- "%1" %*

O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystemsWindows: (ServerDll=sxssrv,4)

 

 

CREATERESTOREPOINT

System Restore Service not available.

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/10/13 00:16:06 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsMcAfee

[2012/10/11 14:34:21 | 000,000,000 | -HSD | C] -- C:Config.Msi

[2012/10/10 22:15:44 | 000,000,000 | -HSD | C] -- C:found.003

[2012/10/09 18:34:39 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativentoskrnl.exe

[2012/10/09 18:34:36 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ntkrnlpa.exe

[2012/10/09 18:34:36 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ntoskrnl.exe

[2012/10/09 18:34:01 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativekernel32.dll

[2012/10/09 18:34:01 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeKernelBase.dll

[2012/10/09 18:34:00 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeconhost.exe

[2012/10/09 18:34:00 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewinsrv.dll

[2012/10/09 18:33:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewow64.dll

[2012/10/09 18:33:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64setup16.exe

[2012/10/09 18:33:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativentvdm64.dll

[2012/10/09 18:33:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewow64win.dll

[2012/10/09 18:33:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ntvdm64.dll

[2012/10/09 18:33:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewow64cpu.dll

[2012/10/09 18:33:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64wow32.dll

[2012/10/09 18:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-sysinfo-l1-1-0.dll

[2012/10/09 18:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-processthreads-l1-1-0.dll

[2012/10/09 18:33:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-synch-l1-1-0.dll

[2012/10/09 18:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-misc-l1-1-0.dll

[2012/10/09 18:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-localregistry-l1-1-0.dll

[2012/10/09 18:33:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64instnm.exe

[2012/10/09 18:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-string-l1-1-0.dll

[2012/10/09 18:33:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-processthreads-l1-1-0.dll

[2012/10/09 18:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/10/09 18:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-profile-l1-1-0.dll

[2012/10/09 18:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-profile-l1-1-0.dll

[2012/10/09 18:33:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-processenvironment-l1-1-0.dll

[2012/10/09 18:33:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-namedpipe-l1-1-0.dll

[2012/10/09 18:33:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-memory-l1-1-0.dll

[2012/10/09 18:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-memory-l1-1-0.dll

[2012/10/09 18:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-libraryloader-l1-1-0.dll

[2012/10/09 18:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-interlocked-l1-1-0.dll

[2012/10/09 18:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-io-l1-1-0.dll

[2012/10/09 18:33:42 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-file-l1-1-0.dll

[2012/10/09 18:33:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-heap-l1-1-0.dll

[2012/10/09 18:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-handle-l1-1-0.dll

[2012/10/09 18:33:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-fibers-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-errorhandling-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-delayload-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-delayload-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-debug-l1-1-0.dll

[2012/10/09 18:33:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-debug-l1-1-0.dll

[2012/10/09 18:33:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-datetime-l1-1-0.dll

[2012/10/09 18:33:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-datetime-l1-1-0.dll

[2012/10/09 18:33:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-threadpool-l1-1-0.dll

[2012/10/09 18:33:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-xstate-l1-1-0.dll

[2012/10/09 18:33:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-synch-l1-1-0.dll

[2012/10/09 18:33:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-namedpipe-l1-1-0.dll

[2012/10/09 18:33:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-localregistry-l1-1-0.dll

[2012/10/09 18:33:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-heap-l1-1-0.dll

[2012/10/09 18:33:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-file-l1-1-0.dll

[2012/10/09 18:33:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-security-base-l1-1-0.dll

[2012/10/09 18:33:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-xstate-l1-1-0.dll

[2012/10/09 18:33:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll

[2012/10/09 18:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-util-l1-1-0.dll

[2012/10/09 18:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-util-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-rtlsupport-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-processenvironment-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-misc-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-libraryloader-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-string-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-io-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-interlocked-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-handle-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-fibers-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-errorhandling-l1-1-0.dll

[2012/10/09 18:33:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-security-base-l1-1-0.dll

[2012/10/09 18:33:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-sysinfo-l1-1-0.dll

[2012/10/09 18:33:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-localization-l1-1-0.dll

[2012/10/09 18:33:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-console-l1-1-0.dll

[2012/10/09 18:33:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-localization-l1-1-0.dll

[2012/10/09 18:33:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-console-l1-1-0.dll

[2012/10/09 18:33:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64user.exe

[2012/10/09 18:32:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewintrust.dll

[2012/10/09 18:30:39 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativecrypt32.dll

[2012/10/09 18:30:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativecryptnet.dll

[2012/10/04 18:30:51 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64gdiplus.dll

[2012/10/04 18:30:17 | 000,000,000 | ---D | C] -- C:UsersDrewAppDataRoamingMicrosoftWindowsStart MenuProgramsASIO4ALL v2

[2012/10/04 18:30:16 | 000,000,000 | ---D | C] -- C:Program Files (x86)ASIO4ALL v2

[2012/10/04 18:30:04 | 000,000,000 | ---D | C] -- C:UsersDrewDocumentsImage-Line

[2012/10/04 18:29:49 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:windowsSysWow64vorbis.acm

[2012/10/04 18:29:49 | 000,000,000 | ---D | C] -- C:UsersDrewAppDataRoamingMicrosoftWindowsStart MenuProgramsImage-Line

[2012/10/04 18:29:45 | 000,000,000 | ---D | C] -- C:Program Files (x86)Outsim

[2012/10/04 18:25:05 | 000,000,000 | ---D | C] -- C:Program Files (x86)Image-Line

[2012/10/04 17:38:41 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsDigiTech

[2012/10/04 17:38:41 | 000,000,000 | ---D | C] -- C:Program FilesDigiTech

[2012/10/04 17:38:36 | 000,000,000 | -H-D | C] -- C:ProgramData{F11320B2-B532-46FC-8CCD-8CF363BC83C6}

[2012/10/04 17:38:26 | 000,000,000 | ---D | C] -- C:UsersDrewAppDataLocalPackageAware

[2012/09/29 16:25:47 | 000,000,000 | ---D | C] -- C:UsersDrewDownloadsDesktopRK_Quarantine

[2012/09/25 15:12:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeOxpsConverter.exe

[2012/09/25 14:37:09 | 000,000,000 | ---D | C] -- C:Program Files (x86)Space International

[2012/09/24 03:01:04 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativemshtmled.dll

[2012/09/24 03:01:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64mshtmled.dll

[2012/09/24 03:01:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ieui.dll

[2012/09/24 03:00:59 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeieui.dll

[2012/09/24 03:00:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeieUnatt.exe

[2012/09/24 03:00:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ieUnatt.exe

[2012/09/24 03:00:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeurl.dll

[2012/09/24 03:00:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64url.dll

[2012/09/24 03:00:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64inetcpl.cpl

[2012/09/24 03:00:55 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativejscript9.dll

[2012/09/24 03:00:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeinetcpl.cpl

[2012/09/24 03:00:53 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativemsfeeds.dll

[2012/09/24 03:00:48 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64jscript.dll

[2012/09/24 03:00:48 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativevbscript.dll

[2012/09/24 03:00:47 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativejscript.dll

[10 C:UsersDrewDownloadsDesktop*.tmp files -> C:UsersDrewDownloadsDesktop*.tmp -> ]

[1 C:windows*.tmp files -> C:windows*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/10/13 09:19:00 | 000,000,830 | ---- | M] () -- C:windowstasksAdobe Flash Player Updater.job

[2012/10/13 09:12:32 | 000,000,898 | ---- | M] () -- C:windowstasksGoogleUpdateTaskMachineUA.job

[2012/10/13 09:12:25 | 000,067,584 | --S- | M] () -- C:windowsbootstat.dat

[2012/10/12 22:29:55 | 000,016,304 | -H-- | M] () -- C:windowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/10/12 22:29:55 | 000,016,304 | -H-- | M] () -- C:windowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/10/12 22:27:48 | 000,726,444 | ---- | M] () -- C:windowsSysNativePerfStringBackup.INI

[2012/10/12 22:27:48 | 000,624,412 | ---- | M] () -- C:windowsSysNativeperfh009.dat

[2012/10/12 22:27:48 | 000,

Link to comment
Share on other sites

Your log was incomplete and I received no Extras file but don't worry, I'll get the information I need with these instructions.

 

Run OTL

 

  • double click on the icon to run it.
  • copy/paste ALL the following text written inside the code box into the Custom Scans/Fixes box located at the bottom of OTL

     

    :Services
    
    :OTL
    IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {65731C11-4645-4A39-A31A-B61E121B0AB2}
    IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{65731C11-4645-4A39-A31A-B61E121B0AB2}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q=%7bsearchTerms%7d&rls=com.microsoft:%7blanguage%7d:%7breferrer:source?%7d&ie=%7binputEncoding%7d&oe=%7boutputEncoding%7d&rlz=1I7TSNA"]http://www.google.co...ng}&rlz=1I7TSNA[/url]
    IE - HKLM\..\SearchScopes,DefaultScope = {2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}
    IE - HKLM\..\SearchScopes\{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q=%7bsearchTerms%7d&rls=com.microsoft:%7blanguage%7d:%7breferrer:source?%7d&ie=%7binputEncoding%7d&oe=%7boutputEncoding%7d&rlz=1I7TSNA"]http://www.google.co...ng}&rlz=1I7TSNA[/url]
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}
    IE - HKU\.DEFAULT\..\SearchScopes\{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3}: "URL" = [url="http://search.yahoo.com/search?fr=mcafee&p=%7bSearchTerms%7d"]http://search.yahoo....p={SearchTerms}[/url]
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}
    IE - HKU\S-1-5-18\..\SearchScopes\{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3}: "URL" = [url="http://search.yahoo.com/search?fr=mcafee&p=%7bSearchTerms%7d"]http://search.yahoo....p={SearchTerms}[/url]
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://vshare.toolbarhome.com/?hp=df"]http://vshare.toolbarhome.com/?hp=df[/url]
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\SearchScopes,DefaultScope = {D268B9A5-25E2-4497-AEDB-3B91AA9A0965}
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\SearchScopes\{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q=%7bsearchTerms%7d&rls=com.microsoft:%7blanguage%7d:%7breferrer:source?%7d&ie=%7binputEncoding%7d&oe=%7boutputEncoding%7d&rlz=1I7TSNA"]http://www.google.co...ng}&rlz=1I7TSNA[/url]
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\SearchScopes\{9EF0872E-A246-479F-AFE5-C082724A9C70}: "URL" = [url="http://websearch.ask.com/redirect?client=ie&tb=MYC-ST&o=102868&src=crm&q=%7bsearchTerms%7d&locale=en_US&apn_ptnrs=5I&apn_dtid=YYYYYYYYUS&apn_uid=1638353d-7c4c-4125-8a99-ab890529aaed&apn_sauid=14043211-4C2F-4006-BA2D-1379D68BFCEC&"]http://websearch.ask...D-1379D68BFCEC[/url]
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\SearchScopes\{D268B9A5-25E2-4497-AEDB-3B91AA9A0965}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q=%7bsearchTerms%7d&rls=com.microsoft:%7blanguage%7d:%7breferrer:source?%7d&ie=%7binputEncoding%7d&oe=%7boutputEncoding%7d&rlz=1I7TSNA_enUS413"]http://www.google.co...1I7TSNA_enUS413[/url]
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53919
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1003\..\SearchScopes,DefaultScope = {0F9954BD-E365-4390-8680-080EB6BDCC33}
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1003\..\SearchScopes\{0F9954BD-E365-4390-8680-080EB6BDCC33}: "URL" = [url="http://www.google.com/search?sourceid=ie7&q=%7bsearchTerms%7d&rls=com.microsoft:%7blanguage%7d:%7breferrer:source?%7d&ie=%7binputEncoding%7d&oe=%7boutputEncoding%7d&rlz=1I7TSNA"]http://www.google.co...ng}&rlz=1I7TSNA[/url]
    IE - HKU\S-1-5-21-2060765680-1826480785-136355512-1003\..\SearchScopes\{C5FFF4A5-34D3-4A6F-B40E-E928235FFAE8}: "URL" = [url="http://search.yahoo.com/search?fr=mcafee&p=%7bSearchTerms%7d"]http://search.yahoo....p={SearchTerms}[/url]
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    [2011/10/27 11:41:16 | 000,002,577 | ---- | M] () -- C:\Users\Drew\AppData\Roaming\Mozilla\Firefox\Profiles\iwy8h5nf.default\searchplugins\askcom.xml
    [2011/03/19 21:29:40 | 000,001,583 | ---- | M] () -- C:\Users\Drew\AppData\Roaming\Mozilla\Firefox\Profiles\iwy8h5nf.default\searchplugins\web-search.xml
    O2 - BHO: (Shop to Win) - {3A90A078-4BB9-4568-9557-CDEEFCAE68A0} - C:\Program Files (x86)\Shop to Win 22\Shop to Win 22.dll File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll File not found
    O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-2060765680-1826480785-136355512-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4:[b]64bit:[/b] - HKLM..\Run: [] File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [Reboot]
  • click the Run Fix button at the top
  • let the program run unhindered, reboot when it is done
  • post a new OTL log (don't check the boxes beside LOP Check or Purity this time)
================================================

 

Run MiniToolBox

 

Note: Please make sure Firefox is closed before you run this.

 

Please download MiniToolBox, save it to your desktop and run it.

 

Place a checkmark in the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

Logs to include in the next post:

 

OTL fix log

New OTL log

Result.txt

 

Thanks

 

Satchfan

Link to comment
Share on other sites

OTL fix

 

All processes killed

========== SERVICES/DRIVERS ==========

========== OTL ==========

HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{65731C11-4645-4A39-A31A-B61E121B0AB2} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{65731C11-4645-4A39-A31A-B61E121B0AB2} not found.

HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6} not found.

HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerSearchScopes{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3} not found.

HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerSearchScopes{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{6FA3FD7E-B8D4-498F-95A4-BC01CE6334D3} not found.

HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

Registry value HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerURLSearchHooks{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{472734EA-242A-422b-ADF8-83D1E48CC825} not found.

HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerSearchScopes{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2617EEEB-8A4D-44E0-9B7D-502E9B5867B6} not found.

Registry key HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerSearchScopes{9EF0872E-A246-479F-AFE5-C082724A9C70} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{9EF0872E-A246-479F-AFE5-C082724A9C70} not found.

Registry key HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerSearchScopes{D268B9A5-25E2-4497-AEDB-3B91AA9A0965} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D268B9A5-25E2-4497-AEDB-3B91AA9A0965} not found.

HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet SettingsProxyServer| /E : value set successfully!

HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1003SoftwareMicrosoftInternet ExplorerSearchScopesDefaultScope| /E : value set successfully!

Registry key HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1003SoftwareMicrosoftInternet ExplorerSearchScopes{0F9954BD-E365-4390-8680-080EB6BDCC33} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{0F9954BD-E365-4390-8680-080EB6BDCC33} not found.

Registry key HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1003SoftwareMicrosoftInternet ExplorerSearchScopes{C5FFF4A5-34D3-4A6F-B40E-E928235FFAE8} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{C5FFF4A5-34D3-4A6F-B40E-E928235FFAE8} not found.

Prefs.js: "Ask.com" removed from browser.search.defaultengine

Prefs.js: "Ask.com" removed from browser.search.defaultenginename

Prefs.js: "Ask.com" removed from browser.search.order.1

C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultsearchpluginsaskcom.xml moved successfully.

C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultsearchpluginsweb-search.xml moved successfully.

Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3A90A078-4BB9-4568-9557-CDEEFCAE68A0} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{3A90A078-4BB9-4568-9557-CDEEFCAE68A0} deleted successfully.

Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{5C255C8A-E604-49b4-9D64-90988571CECB} not found.

Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{bb46be07-13eb-4c49-b0f0-fc78b9ea4983} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{bb46be07-13eb-4c49-b0f0-fc78b9ea4983} deleted successfully.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbarLocked deleted successfully.

Registry value HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

Registry value HKEY_USERSS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found.

Registry value HKEY_USERSS-1-5-19SoftwareMicrosoftWindowsCurrentVersionRunOncemctadmin deleted successfully.

Registry value HKEY_USERSS-1-5-20SoftwareMicrosoftWindowsCurrentVersionRunOncemctadmin deleted successfully.

========== COMMANDS ==========

C:windowsSystem32driversetcHosts moved successfully.

HOSTS file reset successfully

 

[EMPTYTEMP]

 

User: Administrator

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Drew

->Temp folder emptied: 6229194945 bytes

->Temporary Internet Files folder emptied: 598443977 bytes

->Java cache emptied: 2974730 bytes

->FireFox cache emptied: 62435745 bytes

->Flash cache emptied: 1367698 bytes

 

User: Productive

->Temp folder emptied: 1750361804 bytes

->Temporary Internet Files folder emptied: 100023477 bytes

->Java cache emptied: 1122920 bytes

->FireFox cache emptied: 61091523 bytes

->Flash cache emptied: 877 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%System32 .tmp files removed: 0 bytes

%systemroot%System32 (64bit) .tmp files removed: 0 bytes

%systemroot%System32drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 443381873 bytes

%systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 67563 bytes

RecycleBin emptied: 34957324 bytes

 

Total Files Cleaned = 8,855.00 mb

 

 

OTL by OldTimer - Version 3.2.70.2 log created on 10152012_150658

 

FilesFolders moved on Reboot...

File move failed. C:UsersProductiveAppDataLocalTempFXSAPIDebugLogFile.txt scheduled to be moved on reboot.

File move failed. C:windowstempTmpFile1 scheduled to be moved on reboot.

 

PendingFileRenameOperations files...

 

Registry entries deleted on Reboot...

 

 

 

New OTL

 

OTL logfile created on: 10/15/2012 3:27:08 PM - Run 5

OTL by OldTimer - Version 3.2.70.2 Folder = C:UsersProductiveDesktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

3.75 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 59.08% Memory free

7.49 Gb Paging File | 5.54 Gb Available in Paging File | 74.00% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 454.19 Gb Total Space | 69.61 Gb Free Space | 15.33% Space Free | Partition Type: NTFS

Drive D: | 28.19 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive E: | 0.86 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Drive F: | 1862.36 Gb Total Space | 46.92 Gb Free Space | 2.52% Space Free | Partition Type: NTFS

 

Computer Name: DREW-PC | User Name: Drew | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - File not found --

PRC - [2012/10/04 21:32:17 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:UsersProductiveDesktopOTL(1).exe

PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe

PRC - [2012/07/24 22:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:UsersProductiveAppDataRoamingDropboxbinDropbox.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe

PRC - [2011/04/25 11:30:52 | 003,298,712 | ---- | M] (Tonec Inc.) -- C:Program Files (x86)Internet Download ManagerIDMan.exe

PRC - [2011/01/13 16:17:26 | 001,589,208 | ---- | M] (PC Tools) -- C:Program Files (x86)PC Tools SecuritypctsGui.exe

PRC - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) -- C:Program Files (x86)PC Tools SecuritypctsSvc.exe

PRC - [2010/05/25 10:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:Program Files (x86)Internet Download ManagerIEMonitor.exe

PRC - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) -- C:Program Files (x86)PC Tools SecuritypctsAuxs.exe

PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:Program Files (x86)comcasttbComcastSpywareScanComcastAntiSpyService.exe

PRC - [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) -- C:Program Files (x86)WebrootWasherWasherSvc.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:Program Files (x86)Common FilesAppleApple Application Supportzlib1.dll

MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:Program Files (x86)Common FilesAppleApple Application Supportlibxml2.dll

 

 

========== Services (SafeList) ==========

 

SRV:64bit: - [2012/08/23 11:57:48 | 000,502,064 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:Program FilesMcAfeeVirusScanmcods.exe -- (McODS)

SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:WindowsSysNativemfevtps.exe -- (mfevtp)

SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:Program FilesCommon FilesMcAfeeSystemCoremfefire.exe -- (mfefire)

SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:Program FilesCommon FilesMcAfeeSystemCoremcshield.exe -- (McShield)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (MSK80Service)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McProxy)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McNASvc)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program FilesCommon FilesMcAfeeMcSvcHostMcSvHost.exe -- (McAfee SiteAdvisor Service)

SRV:64bit: - [2010/06/07 13:02:48 | 000,125,440 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:Program FilesSUPERAntiSpywareSASCore64.exe -- (!SASCORE)

SRV:64bit: - [2010/05/12 15:17:04 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:Program FilesTOSHIBAPower SaverTosCoSrv.exe -- (TosCoSrv)

SRV:64bit: - [2010/04/27 01:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:WindowsSysNativeatiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2010/04/06 17:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:Program FilesTOSHIBATECOTecoService.exe -- (TOSHIBA eco Utility Service)

SRV:64bit: - [2010/03/31 17:43:38 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:Program FilesTOSHIBATPHMTPCHSrv.exe -- (TPCHSrv)

SRV:64bit: - [2010/02/05 20:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV:64bit: - [2009/12/16 16:44:44 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:WindowsSysNativehasplms.exe -- (hasplms)

SRV:64bit: - [2009/10/21 12:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:WindowsSysNativeThpSrv.exe -- (Thpsrv)

SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:WindowsSysNativeTODDSrv.exe -- (TODDSrv)

SRV - [2012/10/08 23:19:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe -- (Skype C2C Service)

SRV - [2012/08/02 11:43:49 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:Program Files (x86)SkypeUpdaterUpdater.exe -- (SkypeUpdate)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe -- (MBAMService)

SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Running] -- C:Program Files (x86)PC Tools SecuritypctsSvc.exe -- (sdCoreService)

SRV - [2010/09/20 04:27:20 | 000,207,672 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:Program Files (x86)McAfee Online BackupMOBK755backup.exe -- (MOBK755backup)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Running] -- C:Program Files (x86)PC Tools SecuritypctsAuxs.exe -- (sdAuxService)

SRV - [2009/12/03 22:30:18 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:Program Files (x86)TOSHIBA GamesTOSHIBA Game ConsoleGameConsoleService.exe -- (GameConsoleService)

SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe -- (TMachInfo)

SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:Program Files (x86)comcasttbComcastSpywareScanComcastAntiSpyService.exe -- (AntiSpywareService)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/11/26 14:47:40 | 000,598,856 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:Program Files (x86)WebrootWasherWasherSvc.exe -- (wwEngineSvc)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:WindowsSysNativedriversmbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:windowsSysNativedriversfs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversmfehidk.sys -- (mfehidk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmfefirek.sys -- (mfefirek)

DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversmfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversmfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversmferkdet.sys -- (mferkdet)

DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:WindowsSysNativedriversmfenlfk.sys -- (mfenlfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverscfwids.sys -- (cfwids)

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversusbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/03/28 13:46:40 | 000,146,568 | ---- | M] (Tonec Inc.) [Kernel | Auto | Stopped] -- C:WindowsSysNativedriversidmwfp.sys -- (IDMWFP)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:WindowsSysNativedriversamdxata.sys -- (amdxata)

DRV:64bit: - [2010/12/10 14:24:50 | 000,257,232 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:WindowsSysNativedriversPCTCore64.sys -- (PCTCore)

DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversHpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversTsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverssdbus.sys -- (sdbus)

DRV:64bit: - [2010/09/20 04:27:12 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:WindowsSysNativedriversMOBK755.sys -- (MOBK755Filter)

DRV:64bit: - [2010/07/16 15:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:WindowsSysNativedriverspctEFA64.sys -- (pctEFA)

DRV:64bit: - [2010/06/29 11:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:WindowsSysNativedriverspctDS64.sys -- (pctDS)

DRV:64bit: - [2010/05/24 23:07:56 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversRtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010/05/18 19:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversjmcr.sys -- (JMCR)

DRV:64bit: - [2010/04/27 07:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversatikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/04/27 04:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversrtl8192se.sys -- (rtl8192se)

DRV:64bit: - [2010/04/27 01:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversatikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversSynTP.sys -- (SynTP)

DRV:64bit: - [2010/03/05 20:15:14 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriverstos_sps64.sys -- (tos_sps64)

DRV:64bit: - [2010/03/05 00:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversRt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywaresasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:Program FilesSUPERAntiSpywaresaskutil64.sys -- (SASKUTIL)

DRV:64bit: - [2009/09/21 08:07:26 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:WindowsSysNativedriversaksdf.sys -- (aksdf)

DRV:64bit: - [2009/08/20 07:02:06 | 000,130,816 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:WindowsSysNativedriversaksfridge.sys -- (aksfridge)

DRV:64bit: - [2009/07/31 00:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversLPCFilter.sys -- (LPCFilter)

DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriverstdcmdpst.sys -- (tdcmdpst)

DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversTVALZ_O.SYS -- (TVALZ)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversamdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriverslsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversstexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversserscan.sys -- (StillCam)

DRV:64bit: - [2009/07/13 20:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversacpials.sys -- (acpials)

DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversThpevm.sys -- (Thpevm)

DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:WindowsSysNativedriversthpdrv.sys -- (Thpdrv)

DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversPGEffect.sys -- (PGEffect)

DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:WindowsSysNativedriversTVALZFL.sys -- (TVALZFL)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversevbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversbxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedriversb57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:WindowsSysNativedrivershcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversGEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/05 13:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:WindowsSysNativedriversAtiPcie.sys -- (AtiPcie)

DRV:64bit: - [2009/03/13 10:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:WindowsSysNativedrivershardlock.sys -- (hardlock)

DRV:64bit: - [2008/03/13 03:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:WindowsSysNativedriversManyCam_x64.sys -- (ManyCam)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:WindowsSysWOW64driverswimmount.sys -- (WIMMount)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM..SearchScopes,DefaultScope = {65731C11-4645-4A39-A31A-B61E121B0AB2}

IE:64bit: - HKLM..SearchScopes{65731C11-4645-4A39-A31A-B61E121B0AB2}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKLM..SearchScopes,DefaultScope =

 

 

IE - HKU.DEFAULT..SearchScopes,DefaultScope =

IE - HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

IE - HKUS-1-5-18..SearchScopes,DefaultScope =

IE - HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

 

 

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMain,SearchDefaultBranded = 1

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page =

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000..SearchScopes,DefaultScope =

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = *.local

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyServer" =

 

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com/ig?brand=TSNA&bmod=TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftInternet ExplorerMain,SearchDefaultBranded = 1

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com/ig?brand=TSNA&bmod=TSNA

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003..URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003..SearchScopes,DefaultScope =

IE - HKUS-1-5-21-2060765680-1826480785-136355512-1003SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: ""

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.selectedEngine: "Yahoo"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://en.wikipedia.org/wiki/Electromagnetism"

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1

FF - user.js - File not found

 

FF:64bit: - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowssystem32MacromedFlashNPSWF64_11_4_402_287.dll File not found

FF:64bit: - HKLMSoftwareMozillaPlugins@mcafee.com/MSC,version=10: c:PROGRA~1mcafeemscNPMCSN~1.DLL ()

FF:64bit: - HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowsSysWOW64MacromedFlashNPSWF32_11_4_402_287.dll ()

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.5.1: C:windowsSysWOW64npDeployJava1.dll (Oracle Corporation)

FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.5.1: C:Program Files (x86)OracleJavaFX 2.1 Runtimebinplugin2npjp2.dll (Oracle Corporation)

FF - HKLMSoftwareMozillaPlugins@mcafee.com/MSC,version=10: c:progra~2mcafeemscnpmcsn~1.dll ()

FF - HKLMSoftwareMozillaPlugins@mcafee.com/SAFFPlugin: C:Program Files (x86)McAfeeSiteAdvisornpmcffplg32.dll (McAfee, Inc.)

FF - HKLMSoftwareMozillaPlugins@microsoft.com/GENUINE: disabled File not found

FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.1.10329.0npctrl.dll ( Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@microsoft.com/WLPG,version=14.0.8081.0709: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll (Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@spaceinter.com/EZKeytecPlugin: C:Program Files (x86)Space InternationalEasykeytec v2.0npEZKeytecPlugin.dll (Space International, Inc. )

FF - HKLMSoftwareMozillaPlugins@spaceinter.com/EZKeytecPlugins: C:Program Files (x86)Space InternationalEasykeytec v2.0npEZKeytecPlugins.dll (Space International, Inc. )

FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:Program Files (x86)GoogleUpdate1.3.21.123npGoogleUpdate3.dll (Google Inc.)

FF - HKLMSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:Program Files (x86)GoogleUpdate1.3.21.123npGoogleUpdate3.dll (Google Inc.)

FF - HKLMSoftwareMozillaPlugins@videolan.org/vlc,version=2.0.2: C:Program Files (x86)VideoLANVLCnpvlc.dll (VideoLAN)

 

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:Program Files (x86)McAfeeSiteAdvisor [2012/05/13 01:08:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:Program Files (x86)Common FilesMcAfeeSystemCore [2012/06/22 01:22:22 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 14.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/08/02 11:43:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 14.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2012/08/26 00:19:27 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaFirefoxExtensionsmozilla_cc@internetdownloadmanager.com: C:UsersDrewAppDataRoamingIDMidmmzcc3 [2011/05/10 20:45:16 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaMozilla Firefox 13.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/08/02 11:43:50 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaMozilla Firefox 13.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2012/08/26 00:19:27 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USERsoftwaremozillaSeaMonkeyExtensionsmozilla_cc@internetdownloadmanager.com: C:UsersDrewAppDataRoamingIDMidmmzcc3 [2011/05/10 20:45:16 | 000,000,000 | ---D | M]

 

[2011/01/08 16:17:58 | 000,000,000 | ---D | M] (No name found) -- C:UsersDrewAppDataRoamingMozillaExtensions

[2012/07/25 09:16:39 | 000,000,000 | ---D | M] (No name found) -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultextensions

[2011/07/07 23:25:27 | 000,031,748 | ---- | M] () (No name found) -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultextensionswebmaster@keep-tube.com.xpi

[2012/07/25 09:16:39 | 000,741,958 | ---- | M] () (No name found) -- C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultextensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2012/06/28 02:02:08 | 000,000,000 | ---D | M] (No name found) -- C:Program Files (x86)Mozilla Firefoxextensions

[2012/08/23 13:44:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:Program Files (x86)Mozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2012/08/02 11:43:49 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:Program Files (x86)mozilla firefoxcomponentsbrowsercomps.dll

[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:Program Files (x86)mozilla firefoxcomponentsScriptff.dll

[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Files (x86)mozilla firefoxpluginsnpdeployJava1.dll

[2012/06/17 17:31:35 | 000,002,252 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsbing.xml

[2011/10/09 12:01:19 | 000,002,024 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsMcSiteAdvisor.xml

[2012/06/17 17:31:35 | 000,002,040 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginstwitter.xml

 

O1 HOSTS File: ([2012/10/15 15:07:13 | 000,000,098 | ---- | M]) - C:WindowsSysNativedriversetcHosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC64.dll (Internet Download Manager, Tonec Inc.)

O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:PROGRA~1mcafeemskMSKAPB~1.DLL File not found

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesCommon FilesMcAfeeSystemCoreScriptSn.20120622001946.dll (McAfee, Inc.)

O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll (Skype Technologies S.A.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program Files (x86)Internet Download ManagerIDMIECC.dll (Internet Download Manager, Tonec Inc.)

O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:Program FilesMcAfeeMSKmskapbho.dll ()

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinssv.dll (Oracle Corporation)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program Files (x86)Common FilesMcAfeeSystemCoreScriptSn.20120622001946.dll (McAfee, Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)OracleJavaFX 2.1 Runtimebinjp2ssv.dll (Oracle Corporation)

O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:Program Files (x86)TOSHIBATOSHIBA Media Controller Plug-inTOSHIBAMediaControllerIE.dll (<TOSHIBA>)

O3:64bit: - HKLM..Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM..Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM..Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O4:64bit: - HKLM..Run: [] File not found

O4:64bit: - HKLM..Run: [RtHDVBg] C:Program FilesRealtekAudioHDARAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..Run: [RtHDVCpl] C:Program FilesRealtekAudioHDARAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..Run: [APSDaemon] C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe (Apple Inc.)

O4 - HKLM..Run: [iSTray] C:Program Files (x86)PC Tools SecuritypctsGui.exe (PC Tools)

O4 - HKLM..Run: [Malwarebytes' Anti-Malware] C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe (Malwarebytes Corporation)

O4 - HKLM..Run: [mcui_exe] C:Program FilesMcAfee.comAgentmcagent.exe (McAfee, Inc.)

O4 - HKUS-1-5-19..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-20..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..Run: [ComcastAntispyClient] C:Program Files (x86)comcasttbComcastSpywareScanComcastAntispy.exe ()

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..Run: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe (Tonec Inc.)

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1003..Run: [iDMan] C:Program Files (x86)Internet Download ManagerIDMan.exe (Tonec Inc.)

O4 - HKUS-1-5-21-2060765680-1826480785-136355512-1003..Run: [NortonOnlineBackupReminder] C:Program Files (x86)TOSHIBAToshiba Online BackupActivationTobuActivation.exe (Toshiba)

O4 - Startup: C:UsersProductiveAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupDropbox.lnk = File not found

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoControlPanel = 0

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorAdmin = 5

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: ConsentPromptBehaviorUser = 3

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: PromptOnSecureDesktop = 0

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: HideSCAHealth = 1

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: LogonHoursAction = 2

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1000SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DontDisplayLogonHoursWarnings = 1

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoDriveTypeAutoRun = 145

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: LogonHoursAction = 2

O7 - HKUS-1-5-21-2060765680-1826480785-136355512-1003SOFTWAREMicrosoftWindowsCurrentVersionpoliciesSystem: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm ()

O8:64bit: - Extra context menu item: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm ()

O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found

O8 - Extra context menu item: Download all links with IDM - C:Program Files (x86)Internet Download ManagerIEGetAll.htm ()

O8 - Extra context menu item: Download with IDM - C:Program Files (x86)Internet Download ManagerIEExt.htm ()

O8 - Extra context menu item: Google Sidewiki... - res://C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html File not found

O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:Program Files (x86)Bodog PokerBPGame.exe File not found

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000005 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000005 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)

O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{A951ABE8-64A9-4875-9794-CBAE631DC447}: DhcpNameServer = 192.168.1.1 65.32.5.111 65.32.5.112

O18:64bit: - ProtocolHandlerdssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O18:64bit: - ProtocolHandlergrooveLocalGWS - No CLSID value found

O18:64bit: - ProtocolHandlerlivecall - No CLSID value found

O18:64bit: - ProtocolHandlerms-help - No CLSID value found

O18:64bit: - ProtocolHandlerms-itss - No CLSID value found

O18:64bit: - ProtocolHandlermsnim - No CLSID value found

O18:64bit: - ProtocolHandlersacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorx64McIEPlg.dll (McAfee, Inc.)

O18:64bit: - ProtocolHandlerskype4com - No CLSID value found

O18:64bit: - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - ProtocolHandlerwlmailhtml - No CLSID value found

O18 - ProtocolHandlerdssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O18 - ProtocolHandlersacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:Program Files (x86)McAfeeSiteAdvisorMcIEPlg.dll (McAfee, Inc.)

O18 - ProtocolHandlerskype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll (Skype Technologies)

O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - ProtocolFilterapplication/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:Program FilesMcAfeeMSCMcSnIePl64.dll (McAfee, Inc.)

O18 - ProtocolFilterapplication/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:Program Files (x86)McAfeeMSCMcSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:windowsexplorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysNativeuserinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:windowsSysWow64explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:windowsSysWow64userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2003/04/16 05:35:26 | 000,010,134 | R--- | M] () - D:autorun.ico -- [ CDFS ]

O32 - AutoRun File - [2003/04/23 09:52:45 | 000,000,052 | R--- | M] () - D:autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2009/06/12 17:56:58 | 000,000,030 | RH-- | M] () - E:autorun.inf -- [ CDFS ]

O33 - MountPoints2{7aaf447b-1b5a-11e0-8183-88ae1d5a2032}Shell - "" = AutoRun

O33 - MountPoints2{7aaf447b-1b5a-11e0-8183-88ae1d5a2032}ShellAutoRuncommand - "" = E:HPLauncher.exe -- [2009/05/18 13:46:50 | 000,565,248 | R--- | M] ()

O33 - MountPoints2{cbf1125e-1ead-11e0-91d7-806e6f6e6963}Shell - "" = AutoRun

O33 - MountPoints2{cbf1125e-1ead-11e0-91d7-806e6f6e6963}ShellAutoRuncommand - "" = D:InstMenu.exe -- [2004/05/13 11:50:07 | 000,634,880 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O35 - HKUS-1-5-21-2060765680-1826480785-136355512-1000..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKUS-1-5-21-2060765680-1826480785-136355512-1000...exe [@ = exefile] -- "%1" %*

O38 - SubSystemsWindows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystemsWindows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystemsWindows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/10/15 15:23:45 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsMcAfee

[2012/10/15 15:06:58 | 000,000,000 | ---D | C] -- C:_OTL

[2012/10/11 14:34:21 | 000,000,000 | -HSD | C] -- C:Config.Msi

[2012/10/10 22:15:44 | 000,000,000 | -HSD | C] -- C:found.003

[2012/10/09 18:34:39 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativentoskrnl.exe

[2012/10/09 18:34:36 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ntkrnlpa.exe

[2012/10/09 18:34:36 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ntoskrnl.exe

[2012/10/09 18:34:01 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativekernel32.dll

[2012/10/09 18:34:01 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeKernelBase.dll

[2012/10/09 18:34:00 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeconhost.exe

[2012/10/09 18:34:00 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewinsrv.dll

[2012/10/09 18:33:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewow64.dll

[2012/10/09 18:33:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64setup16.exe

[2012/10/09 18:33:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativentvdm64.dll

[2012/10/09 18:33:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewow64win.dll

[2012/10/09 18:33:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64ntvdm64.dll

[2012/10/09 18:33:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewow64cpu.dll

[2012/10/09 18:33:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64wow32.dll

[2012/10/09 18:33:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-sysinfo-l1-1-0.dll

[2012/10/09 18:33:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-processthreads-l1-1-0.dll

[2012/10/09 18:33:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-synch-l1-1-0.dll

[2012/10/09 18:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-misc-l1-1-0.dll

[2012/10/09 18:33:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-localregistry-l1-1-0.dll

[2012/10/09 18:33:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64instnm.exe

[2012/10/09 18:33:47 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-string-l1-1-0.dll

[2012/10/09 18:33:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-processthreads-l1-1-0.dll

[2012/10/09 18:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/10/09 18:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-profile-l1-1-0.dll

[2012/10/09 18:33:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-profile-l1-1-0.dll

[2012/10/09 18:33:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-processenvironment-l1-1-0.dll

[2012/10/09 18:33:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-namedpipe-l1-1-0.dll

[2012/10/09 18:33:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-memory-l1-1-0.dll

[2012/10/09 18:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-memory-l1-1-0.dll

[2012/10/09 18:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-libraryloader-l1-1-0.dll

[2012/10/09 18:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-interlocked-l1-1-0.dll

[2012/10/09 18:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-io-l1-1-0.dll

[2012/10/09 18:33:42 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-file-l1-1-0.dll

[2012/10/09 18:33:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-heap-l1-1-0.dll

[2012/10/09 18:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-handle-l1-1-0.dll

[2012/10/09 18:33:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-fibers-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-errorhandling-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-delayload-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-delayload-l1-1-0.dll

[2012/10/09 18:33:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-debug-l1-1-0.dll

[2012/10/09 18:33:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-debug-l1-1-0.dll

[2012/10/09 18:33:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-datetime-l1-1-0.dll

[2012/10/09 18:33:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-datetime-l1-1-0.dll

[2012/10/09 18:33:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-threadpool-l1-1-0.dll

[2012/10/09 18:33:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-xstate-l1-1-0.dll

[2012/10/09 18:33:35 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-synch-l1-1-0.dll

[2012/10/09 18:33:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-namedpipe-l1-1-0.dll

[2012/10/09 18:33:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-localregistry-l1-1-0.dll

[2012/10/09 18:33:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-heap-l1-1-0.dll

[2012/10/09 18:33:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-file-l1-1-0.dll

[2012/10/09 18:33:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-security-base-l1-1-0.dll

[2012/10/09 18:33:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-xstate-l1-1-0.dll

[2012/10/09 18:33:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-threadpool-l1-1-0.dll

[2012/10/09 18:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-util-l1-1-0.dll

[2012/10/09 18:33:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-util-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-rtlsupport-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-processenvironment-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-misc-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-libraryloader-l1-1-0.dll

[2012/10/09 18:33:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-string-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-io-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-interlocked-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-handle-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-fibers-l1-1-0.dll

[2012/10/09 18:33:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-errorhandling-l1-1-0.dll

[2012/10/09 18:33:19 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-security-base-l1-1-0.dll

[2012/10/09 18:33:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-sysinfo-l1-1-0.dll

[2012/10/09 18:33:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-localization-l1-1-0.dll

[2012/10/09 18:33:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysWow64api-ms-win-core-console-l1-1-0.dll

[2012/10/09 18:33:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-localization-l1-1-0.dll

[2012/10/09 18:33:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:windowsSysNativeapi-ms-win-core-console-l1-1-0.dll

[2012/10/09 18:33:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64user.exe

[2012/10/09 18:32:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativewintrust.dll

[2012/10/09 18:30:39 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativecrypt32.dll

[2012/10/09 18:30:37 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativecryptnet.dll

[2012/10/04 18:30:51 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64gdiplus.dll

[2012/10/04 18:30:17 | 000,000,000 | ---D | C] -- C:UsersDrewAppDataRoamingMicrosoftWindowsStart MenuProgramsASIO4ALL v2

[2012/10/04 18:30:16 | 000,000,000 | ---D | C] -- C:Program Files (x86)ASIO4ALL v2

[2012/10/04 18:30:04 | 000,000,000 | ---D | C] -- C:UsersDrewDocumentsImage-Line

[2012/10/04 18:29:49 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:windowsSysWow64vorbis.acm

[2012/10/04 18:29:49 | 000,000,000 | ---D | C] -- C:UsersDrewAppDataRoamingMicrosoftWindowsStart MenuProgramsImage-Line

[2012/10/04 18:29:45 | 000,000,000 | ---D | C] -- C:Program Files (x86)Outsim

[2012/10/04 18:25:05 | 000,000,000 | ---D | C] -- C:Program Files (x86)Image-Line

[2012/10/04 17:38:41 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsDigiTech

[2012/10/04 17:38:41 | 000,000,000 | ---D | C] -- C:Program FilesDigiTech

[2012/10/04 17:38:36 | 000,000,000 | -H-D | C] -- C:ProgramData{F11320B2-B532-46FC-8CCD-8CF363BC83C6}

[2012/10/04 17:38:26 | 000,000,000 | ---D | C] -- C:UsersDrewAppDataLocalPackageAware

[2012/09/29 16:25:47 | 000,000,000 | ---D | C] -- C:UsersDrewDownloadsDesktopRK_Quarantine

[2012/09/25 15:12:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativeOxpsConverter.exe

[2012/09/25 14:37:09 | 000,000,000 | ---D | C] -- C:Program Files (x86)Space International

[2012/09/24 03:01:04 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:windowsSysNativemshtmled.dll

[2012/09/24 03:01:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:windowsSysWow64mshtmled.dll

[2012/09/24 03:01:00 | 000,17

Link to comment
Share on other sites

New OTL continued:

 

========== Files - Modified Within 30 Days ==========

 

[2012/10/15 15:26:57 | 000,016,304 | -H-- | M] () -- C:windowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/10/15 15:26:57 | 000,016,304 | -H-- | M] () -- C:windowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/10/15 15:19:35 | 000,000,830 | ---- | M] () -- C:windowstasksAdobe Flash Player Updater.job

[2012/10/15 15:19:14 | 000,000,894 | ---- | M] () -- C:windowstasksGoogleUpdateTaskMachineCore.job

[2012/10/15 15:18:38 | 000,067,584 | --S- | M] () -- C:windowsbootstat.dat

[2012/10/15 15:18:12 | 3016,495,104 | -HS- | M] () -- C:hiberfil.sys

[2012/10/15 15:07:13 | 000,000,098 | ---- | M] () -- C:windowsSysNativedriversetcHosts

[2012/10/15 15:02:01 | 000,000,898 | ---- | M] () -- C:windowstasksGoogleUpdateTaskMachineUA.job

[2012/10/12 22:27:48 | 000,726,444 | ---- | M] () -- C:windowsSysNativePerfStringBackup.INI

[2012/10/12 22:27:48 | 000,624,412 | ---- | M] () -- C:windowsSysNativeperfh009.dat

[2012/10/12 22:27:48 | 000,106,756 | ---- | M] () -- C:windowsSysNativeperfc009.dat

[2012/10/10 22:43:38 | 507,661,051 | ---- | M] () -- C:windowsMEMORY.DMP

[2012/10/09 18:29:32 | 002,162,778 | ---- | M] () -- C:windowsSysNativedriversCat.DB

[2012/10/08 23:19:12 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:windowsSysWow64FlashPlayerApp.exe

[2012/10/08 23:19:12 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:windowsSysWow64FlashPlayerCPLApp.cpl

[2012/10/04 18:30:51 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:windowsSysWow64gdiplus.dll

[2012/10/04 18:30:17 | 000,001,155 | ---- | M] () -- C:UsersDrewDownloadsDesktopASIO4ALL v2 Instruction Manual.lnk

[2012/10/04 18:30:08 | 000,001,163 | ---- | M] () -- C:UsersDrewDownloadsDesktopFL Studio 10.lnk

[10 C:UsersDrewDownloadsDesktop*.tmp files -> C:UsersDrewDownloadsDesktop*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/10/04 18:30:17 | 000,001,155 | ---- | C] () -- C:UsersDrewDownloadsDesktopASIO4ALL v2 Instruction Manual.lnk

[2012/10/04 18:30:08 | 000,001,163 | ---- | C] () -- C:UsersDrewDownloadsDesktopFL Studio 10.lnk

[2012/09/19 14:05:34 | 507,661,051 | ---- | C] () -- C:windowsMEMORY.DMP

[2012/04/08 20:08:32 | 000,000,632 | RHS- | C] () -- C:UsersDrewntuser.pol

[2011/06/13 11:18:11 | 000,003,530 | -HS- | C] () -- C:ProgramData7jih1p7j5o648

[2011/06/13 11:18:10 | 000,010,464 | -HS- | C] () -- C:UsersDrewAppDataLocal7jih1p7j5o648

[2011/06/07 04:06:32 | 000,000,056 | -H-- | C] () -- C:ProgramDataezsidmv.dat

[2011/02/20 20:01:47 | 000,000,770 | ---- | C] () -- C:windowsBrpfx04a.ini

[2011/02/20 20:01:47 | 000,000,093 | ---- | C] () -- C:windowsbrpcfx.ini

[2011/02/20 20:01:22 | 000,000,419 | ---- | C] () -- C:windowsBRWMARK.INI

[2011/02/20 19:45:30 | 000,031,767 | ---- | C] () -- C:windowsmaxlink.ini

[2011/01/19 04:04:05 | 000,000,218 | ---- | C] () -- C:UsersDrew.recently-used.xbel

[2011/01/08 17:11:01 | 000,186,880 | ---- | C] () -- C:UsersDrewAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 

========== ZeroAccess Check ==========

 

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:windowsassemblyDesktop.ini

 

[HKEY_CURRENT_USERSoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] /64

 

[HKEY_CURRENT_USERSoftwareClassesWow6432nodeclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

 

[HKEY_CURRENT_USERSoftwareClassesclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32] /64

 

[HKEY_CURRENT_USERSoftwareClassesWow6432nodeclsid{fbeb8a05-beee-4442-804e-409d6c4515e9}InProcServer32]

 

[HKEY_LOCAL_MACHINESoftwareClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32] /64

"" = C:WindowsSysNativeshell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{42aedc87-2188-41fd-b9a3-0c966feabec1}InProcServer32]

"" = %SystemRoot%system32shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINESoftwareClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32] /64

"" = C:WindowsSysNativewbemfastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{5839FCA9-774D-42A1-ACDA-D6A79037F57F}InProcServer32]

"" = %systemroot%system32wbemfastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINESoftwareClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32] /64

"" = C:WindowsSysNativewbemwbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINESoftwareWow6432NodeClassesclsid{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InProcServer32]

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 206 bytes -> C:ProgramDataTEMP:DFC5A2B2

 

< End of report >

 

 

 

Result:

 

MiniToolBox by Farbar Version: 23-07-2012

Ran by Productive (ATTENTION: The logged in user is not administrator) on 15-10-2012 at 15:52:36

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

::1 localhost

 

127.0.0.1 localhost

 

========================= IP Configuration: ================================

 

Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)

Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

Host Name . . . . . . . . . . . . : Drew-PC

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : cfl.rr.com

 

Wireless LAN adapter Wireless Network Connection 2:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

Physical Address. . . . . . . . . : 1C-65-9D-3C-45-7C

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection:

 

Connection-specific DNS Suffix . : cfl.rr.com

Description . . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC

Physical Address. . . . . . . . . : 1C-65-9D-3C-45-7C

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::19f2:65de:1ce0:ed12%12(Preferred)

IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Monday, October 15, 2012 3:18:46 PM

Lease Expires . . . . . . . . . . : Tuesday, October 16, 2012 3:18:50 PM

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DHCPv6 IAID . . . . . . . . . . . : 320628125

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-19-85-F2-88-AE-1D-5A-20-32

DNS Servers . . . . . . . . . . . : 192.168.1.1

65.32.5.111

65.32.5.112

NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek PCIe FE Family Controller

Physical Address. . . . . . . . . : 88-AE-1D-5A-20-32

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.hsd1.fl.comcast.net.:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 13:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.{EB2E4F6A-052B-43C8-9692-91E6AF9CD0EF}:

 

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Server: UnKnown

Address: 192.168.1.1

 

Name: google.com

Addresses: 2607:f8b0:4008:803::1005

173.194.37.99

173.194.37.100

173.194.37.101

173.194.37.102

173.194.37.103

173.194.37.104

173.194.37.105

173.194.37.110

173.194.37.96

173.194.37.97

173.194.37.98

 

 

Pinging google.com [173.194.37.98] with 32 bytes of data:

Reply from 173.194.37.98: bytes=32 time=24ms TTL=51

Reply from 173.194.37.98: bytes=32 time=23ms TTL=51

 

Ping statistics for 173.194.37.98:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server: UnKnown

Address: 192.168.1.1

 

Name: yahoo.com

Addresses: 98.139.183.24

72.30.38.140

98.138.253.109

 

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=95ms TTL=47

Reply from 98.138.253.109: bytes=32 time=165ms TTL=47

 

Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 95ms, Maximum = 165ms, Average = 130ms

Server: UnKnown

Address: 192.168.1.1

 

Name: bleepingcomputer.com

Address: 208.43.87.2

 

 

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.

 

Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

14...1c 65 9d 3c 45 7c ......Microsoft Virtual WiFi Miniport Adapter

12...1c 65 9d 3c 45 7c ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC

10...88 ae 1d 5a 20 32 ......Realtek PCIe FE Family Controller

1...........................Software Loopback Interface 1

20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 25

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

192.168.1.0 255.255.255.0 On-link 192.168.1.104 281

192.168.1.104 255.255.255.255 On-link 192.168.1.104 281

192.168.1.255 255.255.255.255 On-link 192.168.1.104 281

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 192.168.1.104 281

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 192.168.1.104 281

===========================================================================

Persistent Routes:

None

 

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

1 306 ::1/128 On-link

12 281 fe80::/64 On-link

12 281 fe80::19f2:65de:1ce0:ed12/128

On-link

1 306 ff00::/8 On-link

12 281 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

 

========================= Event log errors: ================================

 

Could not start eventlog service, could not read events.

 

System error 5 has occurred.

 

Access is denied.

 

 

=========================== Installed Programs ============================

 

Update for Microsoft Office 2007 (KB2508958)

µTorrent (Version: 2.2.0)

Adobe Flash Player 10 ActiveX (Version: 10.0.45.2)

Adobe Flash Player 11 Plugin (Version: 11.4.402.287)

Adobe Reader 9.3 (Version: 9.3.0)

Amazon Kindle

Anki

Apple Application Support (Version: 2.1.7)

Apple Mobile Device Support (Version: 5.1.1.4)

Apple Software Update (Version: 2.1.3.127)

ASIO4ALL (Version: 2.10)

ATI Catalyst Install Manager (Version: 3.0.769.0)

Bejeweled 2 Deluxe (Version: 2.2.0.82)

Bonjour (Version: 3.0.0.10)

calibre (Version: 0.8.68)

Catalyst Control Center - Branding (Version: 1.00.0000)

Catalyst Control Center Core Implementation (Version: 2010.0426.2136.36953)

Catalyst Control Center Graphics Full Existing (Version: 2010.0426.2136.36953)

Catalyst Control Center Graphics Full New (Version: 2010.0426.2136.36953)

Catalyst Control Center Graphics Light (Version: 2010.0426.2136.36953)

Catalyst Control Center Graphics Previews Common (Version: 2010.0426.2136.36953)

Catalyst Control Center Graphics Previews Vista (Version: 2010.0426.2136.36953)

Catalyst Control Center InstallProxy (Version: 2010.0426.2136.36953)

Catalyst Control Center Localization All (Version: 2010.0426.2136.36953)

ccc-core-static (Version: 2010.0426.2136.36953)

ccc-utility64 (Version: 2010.0426.2136.36953)

CCC Help Chinese Standard (Version: 2010.0426.2135.36953)

CCC Help Chinese Traditional (Version: 2010.0426.2135.36953)

CCC Help Czech (Version: 2010.0426.2135.36953)

CCC Help Danish (Version: 2010.0426.2135.36953)

CCC Help Dutch (Version: 2010.0426.2135.36953)

CCC Help English (Version: 2010.0426.2135.36953)

CCC Help Finnish (Version: 2010.0426.2135.36953)

CCC Help French (Version: 2010.0426.2135.36953)

CCC Help German (Version: 2010.0426.2135.36953)

CCC Help Greek (Version: 2010.0426.2135.36953)

CCC Help Hungarian (Version: 2010.0426.2135.36953)

CCC Help Italian (Version: 2010.0426.2135.36953)

CCC Help Japanese (Version: 2010.0426.2135.36953)

CCC Help Korean (Version: 2010.0426.2135.36953)

CCC Help Norwegian (Version: 2010.0426.2135.36953)

CCC Help Polish (Version: 2010.0426.2135.36953)

CCC Help Portuguese (Version: 2010.0426.2135.36953)

CCC Help Russian (Version: 2010.0426.2135.36953)

CCC Help Spanish (Version: 2010.0426.2135.36953)

CCC Help Swedish (Version: 2010.0426.2135.36953)

CCC Help Thai (Version: 2010.0426.2135.36953)

CCC Help Turkish (Version: 2010.0426.2135.36953)

Chuzzle Deluxe (Version: 2.2.0.82)

Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)

DigiTech GNX4 Drivers (Version: 2.1.0)

Dropbox (Version: 1.4.12)

EasyKeytec (Å°º¸µå º¸¾È ÇÁ·Î±×·¥)

Escape Rosecliff Island (Version: 2.2.0.82)

EZdrummer (Version: 1.0)

EZXDfh (Version: 1.0)

FATE - The Traitor Soul (Version: 2.2.0.82)

FL Studio 10

Google Update Helper (Version: 1.3.21.123)

Guitar Pro 5.2

IL Download Manager

Internet Download Manager

iTunes (Version: 10.6.1.7)

Java Auto Updater (Version: 2.1.6.0)

Java 6 Update 26 (Version: 6.0.260)

Java 7 Update 5 (Version: 7.0.50)

JavaFX 2.1.1 (Version: 2.1.1)

Jewel Quest 3 (Version: 2.2.0.82)

JMicron Flash Media Controller Driver (Version: 1.0.44.1)

Junk Mail filter update (Version: 14.0.8089.726)

Label@Once 1.0 (Version: 1.0)

Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)

ManyCam 2.6.60 (remove only) (Version: 2.6.60)

McAfee Internet Security (Version: 11.0.678)

McAfee Online Backup (Version: 1.16.6.1)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Choice Guard (Version: 2.0.48.0)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)

Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Office Suite Activation Assistant (Version: 2.9)

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)

Microsoft Silverlight (Version: 4.1.10329.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Works (Version: 9.7.0621)

Mobipocket Creator 4.2 (Version: 4.2.41)

Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)

Mozilla Maintenance Service (Version: 14.0.1)

MSVCRT (Version: 14.0.1468.721)

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)

Native Instruments Guitar Rig 3 (Version: 3.2.1.004)

Native Instruments Service Center

Native Instruments Service Center (Version: 2.0.6.001)

Penguins! (Version: 2.2.0.82)

PlayReady PC Runtime amd64 (Version: 1.3.0)

Polar Bowler (Version: 2.2.0.82)

Pro Tracks Plus 2.2

Quickbooks Financial Center (Version: 2.02)

QuickTime (Version: 7.69.80.9)

Realtek Ethernet Controller Driver For Windows 7 (Version: 7.17.304.2010)

Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6121)

Realtek High Definition Audio Driver (Version: 6.0.1.6121)

Realtek WLAN Driver (Version: 2.00.0013)

ScanSoft PaperPort 11 (Version: 11.2.0000)

Skype Click to Call (Version: 6.2.10687)

Skype Launcher (Version: 2.01)

Skype™ 5.10 (Version: 5.10.116)

SONAR 8.0 Producer Edition (Version: 17.0)

SONAR 8.5 Producer x64 (Version: 18.0)

Spyware Doctor 8.0 (Version: 8.0)

SUPERAntiSpyware (Version: 4.39.1002)

Synaptics Pointing Device Driver (Version: 15.0.8.1)

Tassman DXi SE 2.0

TOSHIBA Application Installer (Version: 9.0.1.1)

TOSHIBA Assist (Version: 3.00.11)

TOSHIBA Bulletin Board (Version: 1.6.08.64)

TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)

TOSHIBA DVD PLAYER (Version: 3.01.2.08-A)

TOSHIBA eco Utility (Version: 1.2.11.64)

TOSHIBA Face Recognition (Version: 3.1.3.64)

TOSHIBA Flash Cards Support Utility (Version: 1.63.0.6C)

TOSHIBA Hardware Setup (Version: 1.63.0.26C)

TOSHIBA HDD Protection (Version: 2.2.0.4)

TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)

TOSHIBA Media Controller (Version: 1.0.80.7.64)

TOSHIBA Media Controller Plug-in (Version: 1.0.5.10)

Toshiba Online Backup (Version: 1.2.0.38)

TOSHIBA PC Health Monitor (Version: 1.6.1.64)

TOSHIBA Quality Application (Version: 1.0.3)

TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)

TOSHIBA ReelTime (Version: 1.6.06.64)

TOSHIBA Service Station (Version: 2.1.40)

TOSHIBA Sleep Utility (Version: 1.4.1.2)

TOSHIBA Supervisor Password (Version: 1.63.0.9C)

TOSHIBA Value Added Package (Version: 1.3.11.64)

TOSHIBA Web Camera Application (Version: 1.1.1.15)

ToshibaRegistration (Version: 1.0.4)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Utility Common Driver (Version: 1.0.52.1C)

Virtual Families (Version: 2.2.0.82)

Virtual Villagers - The Secret City (Version: 2.2.0.82)

VLC media player 2.0.2 (Version: 2.0.2)

VLC Setup Helper

VLC Streamer 1.28

WildTangent Games (Version: 1.0.0.80)

WildTangent ORB Game Console

Window Washer

Windows Live Call (Version: 14.0.8064.0206)

Windows Live Communications Platform (Version: 14.0.8064.206)

Windows Live Essentials (Version: 14.0.8089.0726)

Windows Live Essentials (Version: 14.0.8089.726)

Windows Live Mail (Version: 14.0.8089.0726)

Windows Live Messenger (Version: 14.0.8089.0726)

Windows Live Movie Maker (Version: 14.0.8091.0730)

Windows Live Photo Gallery (Version: 14.0.8081.709)

Windows Live Sign-in Assistant (Version: 5.000.818.5)

Windows Live Sync (Version: 14.0.8089.726)

Windows Live Upload Tool (Version: 14.0.8014.1029)

Windows Live Writer (Version: 14.0.8089.0726)

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

WinRAR 4.01 (32-bit) (Version: 4.01.0)

WinZip 15.0 (Version: 15.0.9302)

Zuma's Revenge (Version: 2.2.0.82)

 

========================= Memory info: ===================================

 

Percentage of memory in use: 40%

Total physical RAM: 3835.67 MB

Available physical RAM: 2300.52 MB

Total Pagefile: 7669.54 MB

Available Pagefile: 5616.54 MB

Total Virtual: 4095.88 MB

Available Virtual: 3966.82 MB

 

========================= Partitions: =====================================

 

1 Drive c: (TI105859W0G) (Fixed) (Total:454.19 GB) (Free:69.6 GB) NTFS

2 Drive d: (XEdit) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

4 Drive f: (HP SimpleSave) (Fixed) (Total:1862.36 GB) (Free:46.92 GB) NTFS

 

========================= Users: ========================================

 

User accounts for DREW-PC

 

Administrator Drew Guest

Productive

 

========================= Minidump Files ==================================

 

No minidump file found

 

 

**** End of log ****

Link to comment
Share on other sites

That's looking better.

 

Download and run AdwCleaner

 

Download AdwCleaner from here and save it to your desktop.

  • run AdwCleaner and select Delete
  • when it has finished it will ask to reboot - allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply
Can you tell me how your computer is running now.

 

Thanks

 

Satchfan

Link to comment
Share on other sites

Here's the ADW log. I haven't had any problems for about a week so I think I might be good, thanks so much for the help!!

 

# AdwCleaner v2.005 - Logfile created 10/20/2012 at 11:03:46

# Updated 14/10/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Drew - DREW-PC

# Boot Mode : Normal

# Running from : C:UsersProductiveDesktopadwcleaner(1).exe

# Option [search]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Folder Found : C:UsersProductiveAppDataLocalTempboost_interprocess

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

- Internet Explorer v9.0.8112.16421

 

[OK] Registry is clean.

 

- Mozilla Firefox v14.0.1 (en-US)

 

Profile name : default

File : C:UsersDrewAppDataRoamingMozillaFirefoxProfilesiwy8h5nf.defaultprefs.js

 

[OK] File is clean.

 

Profile name : default

File : C:UsersProductiveAppDataRoamingMozillaFirefoxProfilesr21o09e1.defaultprefs.js

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R4].txt - [2185 octets] - [20/10/2012 10:49:27]

AdwCleaner[R5].txt - [978 octets] - [20/10/2012 11:03:46]

AdwCleaner[s1].txt - [2277 octets] - [20/10/2012 10:49:52]

AdwCleaner[R1].txt - [2555 octets] - [27/09/2012 14:37:10]

AdwCleaner[R2].txt - [2615 octets] - [27/09/2012 14:39:33]

AdwCleaner[R3].txt - [2125 octets] - [18/10/2012 21:38:22]

 

########## EOF - AdwCleaner[R5].txt - [1277 octets] ##########

Link to comment
Share on other sites

Sorry for the delay but I didn't receive notification of your reply.

 

Good news that you have had no problems; your computer appears to be clean.

 

Now that you’re free from malware, as long as your computer seems to be running well, please follow these simple steps to tidy up you computer and decrease the likelihood of getting infected again:

 

Uninstall OTL

  • double-click OTL.exe
  • click the CleanUp! button.
  • select Yes when the Begin cleanup Process? prompt appears.
  • if you are prompted to reboot during the cleanup, select Yes.
  • the tool will delete itself once it finishes, if not delete it by yourself.
NOTE: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.

 

===================================================

 

Uninstall AdwCleaner

 

 

 

 

Posted Image

 

===================================================

 

Recommended programs

 

MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

 

===================================================

 

Update and run Malwarebytes. This really is an excellent program that you should update and run on a regular basis, probably weekly.

 

===================================================

 

It’s important to keep programs up to date so that malware doesn't exploit any old security flaws.

 

FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated.

 

===================================================

 

I also recommend that you read the following:

 

How to prevent malware by miekiemoes

 

Safe computing

 

Satchfan

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...