mememy

Honorary Members
  • Posts

    34
Everything posted by mememy

  1. Good morning. I'm trying to run the combofix again but it seems to get to the point where it says it's preparing the log report and then stops. It's been 15 minutes at the same point now. Is that normal?
  2. I'm going to turn my anti-virus back on and head to bed. Will try again tomorrow. Thanks for the help tonight.
  3. Sorry this has taken so long but not having much luck with the combofix. It keeps crashing in the middle of the scan or twice now it's gone through and restarted but won't generate a report and I don't know where to look for it. Computer still seems to be running kinda "jerky".
  4. That went ok. here's the report from roguekiller

     RogueKiller V8.5.2 [Feb 23 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Marie [Admin rights]
     Mode : Remove -- Date : 03/02/2013 20:47:48
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 1 ¤¤¤
     [sVCHOST] svchost.exe -- C:\Windows\\svchost.exe [x] -> KILLED [TermProc]

     ¤¤¤ Registry Entries : 3 ¤¤¤
     [TASK][sUSP PATH] Updater21804.exe : C:\Users\Marie\AppData\Local\Updater21804\Updater21804.exe /extensionid=21804 /extensionname="Coupon Companion Plugin" /chromeid=jneaojaoiajhnemidnjhoempalnidbhj [-] -> DELETED
     [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
     [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [NOT LOADED] ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\Windows\system32\drivers\etc\hosts

     ¤¤¤ MBR Check: ¤¤¤

     +++++ PhysicalDrive0: TOSHIBA MK5055GSX ATA Device +++++
     --- User ---
     [MBR] be2e630248731b778a97b8c689349444
     [bSP] d234618778308d02095e6e17be3e00e8 : Windows 7/8 MBR Code
     Partition table:
     0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 Mo
     1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 Mo
     2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 464545 Mo
     User = LL1 ... OK!
     User != LL2 ... KO!
     --- LL2 ---
     [MBR] 4c4223b7457bb66ce20cc90da24671c0
     [bSP] d234618778308d02095e6e17be3e00e8 : Windows 7/8 MBR Code
     Partition table:
     1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 12291 Mo
     2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 25173855 | Size: 101 Mo
     3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25382700 | Size: 464545 Mo

     Finished : << RKreport[2]_D_03022013_02d2047.txt >>
     RKreport[1]_S_03022013_02d2046.txt ; RKreport[2]_D_03022013_02d2047.txt
  5. After I used the adwcleaner and it rebooted my computer crashed and said something about a "physical dump". I restarted it and did the adwcleaner again and this time it was ok. here's that log

     working on roguekiller
  6. Also wanted to ask you about backing up things. I don't know how to do it and more importantly I'm not sure what things need to be backed up. I know I can copy some of my things like pictures but what about system files and such? Do they need to be done as well?
  7. got everything downloaded just fine. Here's what I have. Thanks so much!

     Results of screen317's Security Check version 0.99.60
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Microsoft Security Essentials
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Spybot - Search & Destroy
     Malwarebytes Anti-Malware version 1.70.0.1100
     Java 6 Update 24
     Java version out of Date!
     Adobe Flash Player 11.6.602.171
     Adobe Reader XI
     Mozilla Firefox (19.0)
     ````````Process Check: objlist.exe by Laurent````````
     Microsoft Security Essentials MSMpEng.exe
     Microsoft Security Essentials msseces.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````
2013-02-12 20:04:44 215040 ----a-w- C:\Windows\System32\winsrv.dll 2013-02-12 20:04:43 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2013-02-12 20:04:43 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2013-02-12 20:04:42 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2013-02-12 20:04:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2013-02-12 20:04:41 2048 ----a-w- C:\Windows\SysWow64\user.exe 2013-02-12 20:04:38 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-02-12 20:04:37 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2013-02-09 23:31:03 -------- d-----w- C:\Users\Marie\AppData\Roaming\Silverback Games 2013-02-09 23:29:20 -------- d-----w- C:\ProgramData\Meridian93 2013-02-09 23:20:42 -------- d-----w- C:\Users\Marie\AppData\Roaming\Meridian93 2013-02-09 19:43:31 -------- d-----w- C:\Users\Marie\AppData\Local\{B790BAB4-098B-4F0C-AB8C-B3DC7624B206} 2013-02-08 23:44:11 -------- d-----w- C:\Program Files (x86)\Coupons 2013-02-08 23:42:10 -------- d-----w- C:\ProgramData\APN 2013-02-07 18:59:14 -------- d-----w- C:\ProgramData\CanonIJPLM 2013-02-07 18:48:11 -------- d-----w- C:\ProgramData\Canon IJ Network Tool 2013-02-07 18:48:04 316416 ----a-w- C:\Windows\SysWow64\CNC_B1L.dll 2013-02-07 18:48:04 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2013-02-07 18:48:04 102912 ----a-w- C:\Windows\SysWow64\CNC_B1U.dll 2013-02-07 18:48:01 -------- d--h--w- C:\ProgramData\CanonIJFAX 2013-02-07 18:47:14 -------- d-----w- C:\ProgramData\CanonIJWSpt 2013-02-07 18:47:04 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPB1.DLL 2013-02-07 18:47:04 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDB1.DLL 2013-02-07 18:47:04 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\1_CNMPDB1.DLL 2013-02-07 18:46:42 385024 ----a-w- C:\Windows\System32\CNMLMB1.DLL 2013-02-07 18:46:32 302592 ----a-w- C:\Windows\System32\CNCALB1.DLL 2013-02-07 18:46:27 256000 ----a-w- C:\Windows\System32\CNMIUB1.DLL 2013-02-07 18:46:03 39424 ----a-w- 
C:\Windows\System32\CNMN6UI.DLL 2013-02-07 18:46:03 -------- d-----w- C:\Windows\System32\STRING 2013-02-07 18:46:02 356864 ----a-w- C:\Windows\System32\CNMN6PPM.DLL 2013-02-07 17:58:35 -------- d--h--w- C:\ProgramData\CanonIJETV 2013-02-07 17:57:56 -------- d-----w- C:\Program Files (x86)\Canon 2013-02-04 18:44:01 -------- d-----w- C:\Users\Marie\AppData\Local\{912042C6-BB79-4923-A1AD-8ED97A129FBC} 2013-02-04 01:09:38 -------- d-----w- C:\Users\Marie\AppData\Local\{49FA017E-2D5E-42F7-A9A8-CC3CBD5DFA53} . ==================== Find3M ==================== . 2013-02-27 01:23:20 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-27 01:23:20 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe 2013-01-20 20:59:04 230320 ----a-w- C:\Windows\System32\drivers\MpFilter.sys 2013-01-20 20:59:04 130008 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35:18 
10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll 2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll 2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll 2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll 2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll 2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll 2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll 2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll 2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll 2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll 2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll 2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll 2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-01-13 19:25:04 245248 ----a-w- 
C:\Windows\System32\WindowsCodecsExt.dll 2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll 2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll 2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll 2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll 2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll 2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll 2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll 2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-07 13:20:16 
441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs . ============= FINISH: 13:03:12.50 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 2/16/2010 5:56:24 AM System Uptime: 3/2/2013 11:35:59 AM (2 hours ago) . Motherboard: Gateway | | NV78 Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | uPGA-478 | 2200/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 454 GiB total, 301.871 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP693: 2/21/2013 4:29:14 PM - Windows Update RP694: 2/24/2013 7:46:43 PM - Windows Update RP695: 2/27/2013 3:00:20 AM - Windows Update RP696: 3/2/2013 10:20:33 AM - Windows Update . 
==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) ABBYY FineReader 6.0 Sprint Abyss: The Wraiths of Eden Collector's Edition Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.02) Adobe Shockwave Player 11.5 Amazing Adventures Around the World Amazing Adventures The Caribbean Secret Amazing Adventures The Lost Tomb Ancient Jewels v1.0 Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft MediaImpression ArcSoft MediaImpression for Kodak ArcSoft Panorama Maker 4 ArcSoft Photo Book Screen Saver ArcSoft RAW Thumbnail Viewer ArcSoft Video Downloader AutoUpdate Backup Manager Basic Big Fish Games: Game Manager Bing Rewards Client Installer Bonjour Browntech Image Plugin 2.02 Bubble Match Canon Easy-PhotoPrint EX Canon IJ Network Scanner Selector EX Canon IJ Network Tool Canon MP Navigator EX 5.1 Canon MX430 series MP Drivers Canon MX430 series User Registration Cisco Network Magic Compatibility Pack for the 2007 Office system Coupon Companion Plugin Coupon Printer for Windows Crystal Reports for .NET Framework 2.0 (x86) CyberLink Power2Go CyberLink PowerDVD 8 D3DX10 DivX DivX Player E.P.I.C.: Wishmaster Adventures Express Burn Disc Burning Software Fear For Sale: Mystery of McInroy Manor Gateway Games Gateway InfoCentre Gateway MyBackup Gateway Power Management Gateway Recovery Management Gateway Registration Gateway ScreenSaver Gateway Updater GoToAssist Corporate HDAUDIO Soft Data Fax Modem with SmartCP Hidden Mysteries®: Vampire Secrets honestech VHS to DVD 5.0 Deluxe Identity Card Indeo® software Intel® Graphics Media Accelerator Driver Internet TV for Windows Media Center iTunes Java Auto Updater Java 6 Update 24 Junk Mail filter update KarmaWell Browser Extension Launch Manager Lexmark 5400 Series Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 
2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft UI Engine Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Midnight Mysteries: Haunted 
Houdini Mozilla Firefox 19.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Network Magic OpenAL Perfect Attorney Platinum PhotoShow 2 Prism Video Converter Pure Networks Platform Quicken 2011 QuickTime Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Revo Uninstaller 1.89 Savings Bond Wizard Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 
32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SharePort Utility SmartSound Quicktracks Plugin Spirits of Mystery: Amber Maiden Collector's Edition Spybot - Search & Destroy Synaptics Pointing Device Driver The Agency of Anomalies: Cinderstone Orphanage Collector's Edition TWC Customer Controls Ulead DVD DiskRecorder 2.1.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) 
Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update Installer for WildTangent Games App Upromise TurboSaver (remove only) USB2.0 VIDBOX NW03 Video Web Camera Welcome Center WildTangent Games WildTangent Games App Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 3/1/2013 4:23:59 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. . ==== End Of File ===========================
  8. I'm so new to all this! I got on here to try to find an answer to how to get rid of the virus "Trojan.agent". I saw that others had the same issue so I downloaded the dds file and got the two logs. I then opened an acct and wanted to post but not sure how this all works so I'm giving it a shot in hopes someone can help me please! I will wait to paste the two logs till I get a reply from someone. If anyone can help please let me know what to do next and how to do it. Sorry I'm so inept at this. Thanks in advance for any help you can give!