moonze

While i was waiting for your response, i decided to use your link and install Firefox. After installing, i tried to import from IE to FF, and it stayed importing for quite some time. After a while, i terminated the import, and a small box flashed, saying the connection was not secure and then it disappeared. I then went to run FF, and this is what i got the last time. I took a screen of it and it is attached. firefox warning.bmp

Sorry i been busy. I have just used the 2ns link and it worked. Ran the Delfix, but when checking the boxes you suggested, the first box was unchecked and greyed out, i wasnt allowed to check it. I did check all the rest.

OK, i got halfway through the clean up process and when trying to Download the Delfix by Explode from you link, i get this: Browser cannot display the webpage for: http://general-changelog-team.fr/en/downloads/finish/20-outils-de-xplode/9-delfix This problem can be caused by a variety of issues, including:Internet connectivity has been lost.The website is temporarily unavailable.The Domain Name Server (DNS) is not reachable.The Domain Name Server (DNS) does not have a listing for the website's domain.There might be a typing error in the address.If this is an HTTPS (secure) address, please check to be sure the SSL and TLS protocols are enabled on your browser. I have tried it several times, closed and open new browsers, still wont open.

Sorry for the repost, when i looked it wasnt showing that i posted those logs. After posting them again, they now showed. Everything seems good, the system boots up alot faster now with all those other programs not loading at start. Do you have a link to a clean install of Mozilla Firefox?

Adware reposted: # AdwCleaner v3.018 - Report created 31/01/2014 at 07:11:17 # Updated 28/01/2014 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Mike - TRON33 # Running from : C:\Documents and Settings\Mike\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Google Chrome v [ File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4702 octets] - [27/01/2014 23:12:42] AdwCleaner[R1].txt - [912 octets] - [30/01/2014 14:44:33] AdwCleaner[R2].txt - [773 octets] - [31/01/2014 07:11:17] AdwCleaner[s0].txt - [4739 octets] - [27/01/2014 23:17:16] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [892 octets] ########## Malwarebytes: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.01.30.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Mike :: TRON33 [administrator] 1/30/2014 2:47:53 PM mbam-log-2014-01-30 (14-47-53).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 261002 Time elapsed: 24 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

Here is the Adware: # AdwCleaner v3.018 - Report created 30/01/2014 at 14:44:33 # Updated 28/01/2014 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Mike - TRON33 # Running from : C:\Documents and Settings\Mike\Desktop\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Google Chrome v [ File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4702 octets] - [27/01/2014 23:12:42] AdwCleaner[R1].txt - [714 octets] - [30/01/2014 14:44:33] AdwCleaner[s0].txt - [4739 octets] - [27/01/2014 23:17:16] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [833 octets] ########## Here is Malware: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.01.30.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Mike :: TRON33 [administrator] 1/30/2014 2:47:53 PM mbam-log-2014-01-30 (14-47-53).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 261002 Time elapsed: 24 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)

OK, i think i did something i shouldnt have. I always hear Firefox is a better browser, so i tried to install it. I googled mozilla firefox and all kinds of websites popped up. I looked at one that said it was 2014, so i went to download it. When i clicked on install, it said it was bundled with a bunch of other programs i might find useful. There was no box to uncheck to say i didnt want them. Red flag in my mind popped up. Then looking at the description, there was some funny characters in the middle of a word instead of the letters. 2nd red flag. I didnt install it. I then left and googled it again. This time i looked at the website it was coming from. I found one i thought was secure so i downloaded that one. I clicked on install, and nothing said i was getting other programs with this install. After firefox was installed, i tried to goto Goolge homepage. It wouldnt let me, saying my connection was not secure. Anything i tried to open, it sais the same thing, that my connection was not secure. If i clicked on the i understand the consequences, it then tells me, that something might be tampering with my connection. I uninstalled firefox. System seems to still be running fine, just wanted to let you know what i did.

We can leave them there for now. I will run some programs tonight to see how its working. Have agood nights sleep.

OK rebooted, and the ones that were selected Not to start, didnt. Seems to boot faster and running smooth.

OK, this is the revised Startup.TxT: Yes HKCU:Run ctfmon.exe Microsoft Corporation C:\WINDOWS\system32\ctfmon.exe No HKCU:Run Google Update Google Inc. "C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c No HKCU:Run swg Google Inc. "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" No HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" No HKLM:Run APSDaemon Apple Inc. "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" No HKLM:Run CanonMyPrinter CANON INC. C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon No HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe" Yes HKLM:Run mcui_exe McAfee, Inc. "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey No HKLM:Run NeroFilterCheck Nero AG C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe Yes HKLM:Run NvCplDaemon Microsoft Corporation RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Yes HKLM:Run NvMediaCenter Microsoft Corporation RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit Yes HKLM:Run Nvtmru NVIDIA Corporation "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" No HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\qttask.exe" -atboottime No HKLM:Run RemoteControl Cyberlink Corp. "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" Yes HKLM:Run RTHDCPL Realtek Semiconductor Corp. RTHDCPL.EXE No HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe" No Startup Common Adobe Gamma Loader.lnk Adobe Systems, Inc. C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Yes Startup User Xfire.lnk Xfire Inc. C:\Program Files\Xfire\Xfire.exe After clicking on the Disable for the ones i dont want starting, is there some sort of save button or apply button that i am supposed to use?

Ooops, sorry. Here is startup.txt: Yes HKCU:Run ctfmon.exe Microsoft Corporation C:\WINDOWS\system32\ctfmon.exe Yes HKCU:Run Google Update Google Inc. "C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c Yes HKCU:Run swg Google Inc. "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" Yes HKLM:Run CanonMyPrinter CANON INC. C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe" Yes HKLM:Run mcui_exe McAfee, Inc. "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey Yes HKLM:Run NeroFilterCheck Nero AG C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe Yes HKLM:Run NvCplDaemon Microsoft Corporation RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Yes HKLM:Run NvMediaCenter Microsoft Corporation RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit Yes HKLM:Run Nvtmru NVIDIA Corporation "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" Yes HKLM:Run QuickTime Task Apple Inc. "C:\Program Files\QuickTime\qttask.exe" -atboottime Yes HKLM:Run RemoteControl Cyberlink Corp. "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" Yes HKLM:Run RTHDCPL Realtek Semiconductor Corp. RTHDCPL.EXE Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files\Common Files\Java\Java Update\jusched.exe" Yes Startup Common Adobe Gamma Loader.lnk Adobe Systems, Inc. C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Yes Startup User Xfire.lnk Xfire Inc. C:\Program Files\Xfire\Xfire.exe

Here is the Checkup.txt: Results of screen317's Security Check version 0.99.79 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! McAfee Anti-Virus and Anti-Spyware Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 CCleaner Java 7 Update 51 Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 7% ````````````````````End of Log`````````````````````` Here is Startup.txt: Results of screen317's Security Check version 0.99.79 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! McAfee Anti-Virus and Anti-Spyware Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 CCleaner Java 7 Update 51 Adobe Reader XI ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 7% ````````````````````End of Log``````````````````````

Seems to be a whole lot better. Running alot more smooth. I can access websites with no problems. Do you see anything in the startup that doesnt need to be started when the pc is turned on?

Sorry for taking long to respond back, Malwarebytes took a looong time to run. Here is the fixlog.txt: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-01-2014 02 Ran by Mike at 2014-01-27 16:37:33 Run:1 Running from C:\Documents and Settings\Mike\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** Start ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110; C:\Documents and Settings\Mike\Local Settings\temp\ICReinstall_Firefox_Setup[1].exe C:\Documents and Settings\Mike\Local Settings\temp\jre-7u51-windows-i586-iftw.exe End ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully. C:\Documents and Settings\Mike\Local Settings\temp\ICReinstall_Firefox_Setup[1].exe => Moved successfully. C:\Documents and Settings\Mike\Local Settings\temp\jre-7u51-windows-i586-iftw.exe => Moved successfully. ==== End of Fixlog ==== Here is Malwarebytes Log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.01.27.09 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Mike :: TRON33 [administrator] 1/27/2014 4:44:47 PM mbam-log-2014-01-27 (16-44-47).txt Scan type: Full scan (C:\|E:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 449705 Time elapsed: 3 hour(s), 38 minute(s), 33 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 1 C:\Program Files\Tuguu SL\DownQuick (PUP.Optional.Tuguu.A) -> Quarantined and deleted successfully. Files Detected: 1 C:\Program Files\Flvto Youtube Downloader\adsetup.exe (PUP.Optional.InstallMonetizer.A) -> Quarantined and deleted successfully. (end) And last is AdwCleaner: # AdwCleaner v3.017 - Report created 27/01/2014 at 23:17:16 # Updated 12/01/2014 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Mike - TRON33 # Running from : C:\Documents and Settings\Mike\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Documents and Settings\All Users\Application Data\NCH Software Folder Deleted : C:\Program Files\NCH Software Folder Deleted : C:\Program Files\tuguu sl Folder Deleted : C:\Documents and Settings\Mike\Local Settings\Application Data\eSupport.com Folder Deleted : C:\Documents and Settings\Mike\Application Data\NCH Software File Deleted : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFileWMA3.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4219427B-0228-4356-A78B-EB7668D37D07} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\NCH Software Key Deleted : HKCU\Software\AppDataLow\Software\Freecause Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\NCH Software Key Deleted : HKLM\Software\PIP ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Google Chrome v [ File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ] Deleted : icon_url ************************* AdwCleaner[R0].txt - [4702 octets] - [27/01/2014 23:12:42] AdwCleaner[s0].txt - [4599 octets] - [27/01/2014 23:17:16] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4659 octets] ##########

Here is the FRST.Txt file: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014 02 Ran by Mike (administrator) on TRON33 on 27-01-2014 15:29:24 Running from C:\Documents and Settings\Mike\Local Settings\Temporary Internet Files\Content.IE5\ZBSQBZN9 Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) =================== (IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Event.Service.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (Xfire Inc.) C:\Program Files\Xfire\Xfire.exe (IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Apache Software Foundation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (McAfee, Inc.) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\WINDOWS\system32\PnkBstrA.exe (Digital Market Research Apps Pty Ltd) C:\Program Files\MR APP\MRAPP.Transfer.Service.exe (McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft) C:\Program Files\MR APP\MRAPP.UI.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Farbar) C:\Documents and Settings\Mike\Local Settings\Temporary Internet Files\Content.IE5\ZBSQBZN9\FRST[1].exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16005120 2006-02-27] (Realtek Semiconductor Corp.) HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2011-10-24] (Apple Inc.) HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2569616 2010-07-25] (CANON INC.) HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1278064 2013-03-13] (McAfee, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15677728 2013-06-21] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [223008 2013-06-21] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.) HKLM\...\Run: [iObit Malware Fighter] - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit) HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-04-09] (Google Inc.) HKCU\...\Run: [Google Update] - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-04-04] (Google Inc.) HKCU\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit) Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Documents and Settings\Mike\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> C:\Program Files\Xfire\Xfire.exe (Xfire Inc.) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:16110;https=127.0.0.1:16110; HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497} SearchScopes: HKLM - {F6DEA26D-6B54-4791-9B02-ACE45D39F09C} URL = SearchScopes: HKCU - DefaultScope {F6DEA26D-6B54-4791-9B02-ACE45D39F09C} URL = http://www.inboxdollars.com/search/results?ourmark=4&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {4EA46B1B-D008-4CB3-8769-40A8C130D9CC} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 SearchScopes: HKCU - {F6DEA26D-6B54-4791-9B02-ACE45D39F09C} URL = http://www.inboxdollars.com/search/results?ourmark=4&q={searchTerms} BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120703132834.dll (McAfee, Inc.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit) Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll (Yahoo! Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {26CF0ECA-50B9-411D-BA37-86BD6AD53382} http://www.starstable.com/plugin/PXStudioRuntimeAX.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} http://download.yahoo.com/dl/installs/ymail/ymmapi.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Winsock: Catalog9 01 %SYSTEMROOT%\system32\nvappfilter.dll [131072] (NVIDIA) Winsock: Catalog9 02 %SYSTEMROOT%\system32\nvappfilter.dll [131072] (NVIDIA) Winsock: Catalog9 03 %SYSTEMROOT%\system32\nvappfilter.dll [131072] (NVIDIA) Winsock: Catalog9 19 %SYSTEMROOT%\system32\nvappfilter.dll [131072] (NVIDIA) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Chrome: ======= CHR DefaultSearchKeyword: bing.com CHR DefaultSearchURL: http://www.bing.com/search?FORM=U040DF&PC=U040&dt=080313&q={searchTerms}&src=IE-SearchBox CHR Extension: (YouTube) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-04] CHR Extension: (Google Search) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-04] CHR Extension: (SiteAdvisor) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-04-06] CHR Extension: (Ads Removal) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-13] CHR Extension: (Amazing Coupons) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl [2013-02-28] CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-24] CHR Extension: (Gmail) - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-04] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2012-07-03] CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-10-29] CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit) R2 EventService; C:\Program Files\MR APP\MRAPP.Event.Service.exe [31744 2013-12-17] (Digital Market Research Apps Pty Ltd) R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [143360 2006-03-30] () R2 ForcewareWebInterface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2006-02-06] (Apache Software Foundation) R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation) S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 mcmscsvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McNASvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [279048 2012-11-16] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.) R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [203840 2013-02-19] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-02-19] (McAfee, Inc.) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [172416 2013-02-19] (McAfee, Inc.) R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [131131 2006-03-30] (NVIDIA Corporation) R2 nSvcLog; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65599 2006-03-30] (NVIDIA Corporation) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2012-05-18] () R2 TransferService; C:\Program Files\MR APP\MRAPP.Transfer.Service.exe [31232 2013-12-17] (Digital Market Research Apps Pty Ltd) ==================== Drivers (Whitelisted) ==================== R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2013-12-24] (Advanced Micro Devices) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [60920 2013-02-19] (McAfee, Inc.) R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [247968 2013-03-23] (IObit) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [146872 2012-04-20] (McAfee, Inc.) R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [133416 2013-02-19] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [235264 2013-02-19] (McAfee, Inc.) S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [65928 2013-02-19] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [363080 2013-02-19] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [565888 2013-02-19] (McAfee, Inc.) S3 mfendisk; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [84904 2013-02-19] (McAfee, Inc.) R3 mfendiskmp; C:\WINDOWS\System32\DRIVERS\mfendisk.sys [84904 2013-02-19] (McAfee, Inc.) S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [92632 2013-02-19] (McAfee, Inc.) R1 mfetdi2k; C:\WINDOWS\System32\drivers\mfetdi2k.sys [91640 2013-02-19] (McAfee, Inc.) S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA)) S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2011-09-09] (Printing Communications Assoc., Inc. (PCAUSA)) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [100736 2006-04-24] (NVIDIA Corporation) R0 nvatabus; C:\WINDOWS\system32\Drivers\nvatabus.sys [99840 2006-03-16] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54784 2013-10-29] (NVIDIA Corporation) R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128672 2013-02-24] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2013-10-29] (NVIDIA Corporation) S1 NVTCP; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [109568 2006-03-22] (NVIDIA Corporation) R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31776 2013-11-19] (IObit.com) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [14776 2013-05-22] () R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [17360 2013-11-19] (IObit.com) S4 IntelIde; No ImagePath U3 mfeavfk01; No ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-27 15:29 - 2014-01-27 15:29 - 00000000 ____D C:\FRST 2014-01-27 08:13 - 2014-01-27 08:13 - 00000929 _____ C:\Documents and Settings\Mike\Desktop\Continue Firefox Installation.lnk 2014-01-24 15:35 - 2014-01-24 15:35 - 00000000 ____D C:\Documents and Settings\Mike\Desktop\from camcorder 2014-01-24 11:14 - 2014-01-24 11:14 - 00000866 _____ C:\Documents and Settings\All Users\Desktop\IObit Uninstaller.lnk 2014-01-24 11:11 - 2014-01-24 11:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java 2014-01-24 11:11 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-01-24 11:11 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-01-24 11:11 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-01-24 11:11 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-01-24 11:11 - 2013-12-18 20:46 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-01-24 11:10 - 2014-01-24 11:11 - 00005134 _____ C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log 2014-01-22 16:23 - 2014-01-27 15:13 - 00000157 _____ C:\WINDOWS\wiadebug.log 2014-01-22 16:23 - 2014-01-27 15:13 - 00000049 _____ C:\WINDOWS\wiaservc.log 2014-01-22 16:22 - 2014-01-27 08:50 - 00032586 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-22 16:22 - 2014-01-22 16:22 - 00000000 _____ C:\WINDOWS\Sti_Trace.log 2014-01-15 17:27 - 2014-01-15 17:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-14 15:05 - 2008-04-13 17:12 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll 2014-01-14 15:05 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll 2014-01-02 13:07 - 2014-01-02 13:07 - 00001727 _____ C:\Documents and Settings\All Users\Desktop\NCH Software.lnk 2014-01-02 13:07 - 2014-01-02 13:07 - 00000823 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Pixillion Image Converter.lnk 2014-01-02 13:07 - 2014-01-02 13:07 - 00000817 _____ C:\Documents and Settings\All Users\Desktop\Pixillion Image Converter.lnk 2014-01-02 13:07 - 2014-01-02 13:07 - 00000282 _____ C:\WINDOWS\Tasks\PixillionSevenDays.job ==================== One Month Modified Files and Folders ======= 2014-01-27 15:29 - 2014-01-27 15:29 - 00000000 ____D C:\FRST 2014-01-27 15:28 - 2013-02-26 07:50 - 00012736 _____ C:\WINDOWS\system32\nvAppTimestamps 2014-01-27 15:23 - 2012-04-09 18:26 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-27 15:23 - 2012-04-04 21:41 - 00000000 _____ C:\WINDOWS\system32\nmp.log 2014-01-27 15:15 - 2012-04-04 20:23 - 01606599 _____ C:\WINDOWS\WindowsUpdate.log 2014-01-27 15:13 - 2014-01-22 16:23 - 00000157 _____ C:\WINDOWS\wiadebug.log 2014-01-27 15:13 - 2014-01-22 16:23 - 00000049 _____ C:\WINDOWS\wiaservc.log 2014-01-27 15:13 - 2005-08-31 07:59 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2014-01-27 15:12 - 2013-10-29 08:08 - 00000274 _____ C:\WINDOWS\Tasks\Driver Booster Update.job 2014-01-27 15:12 - 2013-10-29 08:08 - 00000272 _____ C:\WINDOWS\Tasks\Driver Booster Scan.job 2014-01-27 15:12 - 2013-10-29 08:00 - 00000266 _____ C:\WINDOWS\Tasks\ASC7_PerformanceMonitor.job 2014-01-27 15:12 - 2012-04-09 18:26 - 00000878 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-27 15:12 - 2012-04-04 20:42 - 00000000 ____D C:\WINDOWS\system32\Lang 2014-01-27 15:12 - 2012-04-04 20:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-01-27 08:50 - 2014-01-22 16:22 - 00032586 _____ C:\WINDOWS\SchedLgU.Txt 2014-01-27 08:50 - 2013-02-28 22:04 - 00507014 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-606747145-725345543-1003-0.dat 2014-01-27 08:50 - 2013-02-28 22:04 - 00160782 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat 2014-01-27 08:50 - 2012-04-04 20:28 - 00000178 ___SH C:\Documents and Settings\Mike\ntuser.ini 2014-01-27 08:50 - 2012-04-04 20:28 - 00000000 ____D C:\Documents and Settings\Mike 2014-01-27 08:22 - 2012-04-06 09:22 - 00281872 _____ C:\WINDOWS\system32\PnkBstrB.xtr 2014-01-27 08:22 - 2012-04-05 08:06 - 00281872 _____ C:\WINDOWS\system32\PnkBstrB.exe 2014-01-27 08:22 - 2012-04-05 08:06 - 00139280 _____ C:\WINDOWS\system32\Drivers\PnkBstrK.sys 2014-01-27 08:13 - 2014-01-27 08:13 - 00000929 _____ C:\Documents and Settings\Mike\Desktop\Continue Firefox Installation.lnk 2014-01-27 07:51 - 2012-04-04 21:02 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003UA.job 2014-01-27 07:32 - 2012-07-04 06:55 - 00000000 ____D C:\Documents and Settings\Mike\Desktop\Unused Desktop Shortcuts 2014-01-27 07:05 - 2012-04-05 08:06 - 00281872 _____ C:\WINDOWS\system32\PnkBstrB.ex0 2014-01-26 08:51 - 2012-04-04 21:02 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-606747145-725345543-1003Core.job 2014-01-24 15:35 - 2014-01-24 15:35 - 00000000 ____D C:\Documents and Settings\Mike\Desktop\from camcorder 2014-01-24 15:33 - 2012-04-12 04:40 - 00000000 ____D C:\Program Files\Xfire 2014-01-24 11:14 - 2014-01-24 11:14 - 00000866 _____ C:\Documents and Settings\All Users\Desktop\IObit Uninstaller.lnk 2014-01-24 11:14 - 2013-10-29 07:53 - 00001846 _____ C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 7.lnk 2014-01-24 11:14 - 2013-10-29 07:53 - 00000000 ____D C:\Documents and Settings\Mike\Application Data\IObit 2014-01-24 11:14 - 2013-10-29 07:53 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 7 2014-01-24 11:11 - 2014-01-24 11:11 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java 2014-01-24 11:11 - 2014-01-24 11:10 - 00005134 _____ C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log 2014-01-24 11:11 - 2013-03-27 17:01 - 00000000 ____D C:\Program Files\Java 2014-01-22 16:22 - 2014-01-22 16:22 - 00000000 _____ C:\WINDOWS\Sti_Trace.log 2014-01-22 10:49 - 2012-04-04 21:53 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2014-01-22 10:45 - 2012-04-04 13:19 - 00613438 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2014-01-20 16:16 - 2012-08-23 16:42 - 00000000 ____D C:\Documents and Settings\Mike\My Documents\Wizard101 2014-01-17 11:55 - 2013-03-12 11:34 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk 2014-01-15 17:31 - 2013-08-08 11:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2014-01-15 17:27 - 2014-01-15 17:27 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2014-01-15 17:27 - 2012-04-04 23:33 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-01-02 13:07 - 2014-01-02 13:07 - 00001727 _____ C:\Documents and Settings\All Users\Desktop\NCH Software.lnk 2014-01-02 13:07 - 2014-01-02 13:07 - 00000823 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Pixillion Image Converter.lnk 2014-01-02 13:07 - 2014-01-02 13:07 - 00000817 _____ C:\Documents and Settings\All Users\Desktop\Pixillion Image Converter.lnk 2014-01-02 13:07 - 2014-01-02 13:07 - 00000282 _____ C:\WINDOWS\Tasks\PixillionSevenDays.job 2014-01-02 13:07 - 2013-03-15 11:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\NCH Software 2014-01-02 13:07 - 2013-03-15 11:51 - 00000000 ____D C:\Program Files\NCH Software 2014-01-01 09:08 - 2012-04-28 05:46 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\CanonIJPLM Some content of TEMP: ==================== C:\Documents and Settings\Mike\Local Settings\temp\ICReinstall_Firefox_Setup[1].exe C:\Documents and Settings\Mike\Local Settings\temp\jre-7u51-windows-i586-iftw.exe ==================== Bamital & volsnap Check ================= C:\WINDOWS\explorer.exe => MD5 is legit C:\WINDOWS\system32\winlogon.exe => MD5 is legit C:\WINDOWS\system32\svchost.exe => MD5 is legit C:\WINDOWS\system32\services.exe => MD5 is legit C:\WINDOWS\system32\User32.dll => MD5 is legit C:\WINDOWS\system32\userinit.exe => MD5 is legit C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================ Also the addition.txt is attached. Addition.txt

The past few days my pc has been acting weird. Now today it wont access most common websites. I cant access target, walmart, Facebook, Amazon. But i can access Craigslist and a few other sites. The ones i cant access, the connection times out. My pc takes longer these days to boot up from a cold start. I ran Hijackthis, and clicked on Analyze this, but the page that is supposed to load afterwards, doenst. Can someone help?

Still cant download any files from links.

Roguekiller report: RogueKiller V8.7.2 [Oct 3 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Jen [Admin rights] Mode : Scan -- Date : 10/11/2013 15:20:52 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] Box Edit.exe -- C:\Documents and Settings\Jen\Local Settings\Application Data\Box\Box Edit\Box Edit.exe [7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 5 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : Box Edit (C:\Documents and Settings\Jen\Local Settings\Application Data\Box\Box Edit\Box Edit.exe [7]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-3231988880-2991373305-569363250-1005\[...]\Run : Box Edit (C:\Documents and Settings\Jen\Local Settings\Application Data\Box\Box Edit\Box Edit.exe [7]) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD2500KS-00MJB0 +++++ --- User --- [MBR] 1766c875606ccdea83ce60fb0984af0e [bSP] 1d21f9d3d1562230822b5085f9bae42e : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_10112013_152052.txt >>

Just like the DDS, i cannot DL Roguekiller. Could you also send that to me, thanks

dds log: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2 Run by Jen at 14:48:14 on 2013-10-11 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1385 [GMT -7:00] . AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Firewall *Enabled* . ============== Running Processes ================ . C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Jen\Local Settings\Application Data\Box\Box Edit\Box Edit.exe C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\WINDOWS\system32\mfevtps.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Yahoo!\browser\ycommon.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k LocalService . ============== Pseudo HJT Report =============== . uInternet Connection Wizard,ShellNext = iexplore uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\common\companion\installs\cpn\yt.dll BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - <orphaned> BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4A368E80-174F-4872-96B5-0B27DDD11DB2} - c:\program files\spywareguard\dlprotect.dll BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - <orphaned> BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120811103557.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - <orphaned> BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\common\companion\installs\cpn\yt.dll TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\common\companion\installs\cpn\yt.dll TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned> EB: {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - <orphaned> uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Advanced SystemCare 6] "c:\program files\iobit\advanced systemcare 6\ASCTray.exe" /AutoStart uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [box Edit] c:\documents and settings\jen\local settings\application data\box\box edit\Box Edit.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [skyTel] SkyTel.EXE mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe" mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe" StartupFolder: c:\docume~1\jen\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\jen\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:323 uPolicies-Explorer: NoDriveAutoRun = dword:67108863 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:323 mPolicies-Explorer: NoDriveAutoRun = dword:67108863 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\jen\start menu\programs\imvu\Run IMVU.lnk IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll TCP: NameServer = 192.168.1.254 TCP: Interfaces\{8C9942FE-1678-4B7F-AB44-F31696983E7A} : DHCPNameServer = 192.168.1.254 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - c:\program files\spywareguard\spywareguard.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\30.0.1599.69\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-4-24 565888] R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-2-24 91640] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2012-11-1 464256] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-10 167784] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-10 167784] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-10 167784] R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-10 167784] R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-8-10 203840] R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-8-10 169320] R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-2-24 172416] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-2-24 60920] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-2-24 235264] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-2-24 363080] R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2012-12-19 84904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2012-3-27 30312] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2011-12-13 16512] S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-12-4 146872] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216] S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-2-24 65928] S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2012-12-19 84904] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-2-24 92632] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-4-24 34248] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-4-24 40552] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2012-3-27 96488] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2012-3-27 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2012-3-27 121576] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856] . =============== File Associations =============== . ShellExec: Photoshop.exe: open=c:\program files\adobe\photoshop 7.0\Photoshop.exe . =============== Created Last 30 ================ . 2013-10-11 06:19:44 -------- d-----w- C:\5d25abbf34ba8890c3bf54bf78f5 2013-10-11 05:59:53 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys 2013-10-08 20:09:01 -------- d-----w- c:\documents and settings\jen\local settings\application data\Bundled software uninstaller 2013-10-02 15:51:28 -------- d-----w- c:\windows\system32\Disney Fairies Screensaver dir 2013-09-12 22:01:52 -------- d--h--w- c:\windows\PIF . ==================== Find3M ==================== . 2013-10-02 15:51:28 197120 ----a-w- c:\windows\system32\Disney Fairies Screensaver.scr 2013-10-01 23:29:35 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-09-23 18:33:58 920064 ----a-w- c:\windows\system32\wininet.dll 2013-09-23 18:33:57 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-09-23 18:33:57 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-09-23 18:33:56 18944 ----a-w- c:\windows\system32\corpol.dll 2013-09-23 18:06:48 385024 ----a-w- c:\windows\system32\html.iec 2013-08-31 21:50:52 235352 ----a-w- c:\windows\system32\nvdrsdb0.bin 2013-08-31 21:50:52 1 ----a-w- c:\windows\system32\nvdrssel.bin 2013-08-31 21:50:49 235352 ----a-w- c:\windows\system32\nvdrsdb1.bin 2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys 2013-08-18 20:46:09 893728 ----a-w- c:\windows\system32\nvdispgenco3232680.dll 2013-08-18 20:46:09 6324224 ----a-w- c:\windows\system32\nvopencl.dll 2013-08-18 20:46:09 1049376 ----a-w- c:\windows\system32\nvdispco3232680.dll 2013-08-18 19:09:25 54272 ----a-w- c:\windows\system32\nvwddi.dll 2013-08-18 19:09:24 156960 ----a-w- c:\windows\system32\nvsvc32.exe 2013-08-18 19:09:23 209184 ----a-w- c:\windows\system32\nvmctray.dll 2013-08-18 19:09:23 15693088 ----a-w- c:\windows\system32\nvcpl.dll 2013-08-18 19:09:22 144160 ----a-w- c:\windows\system32\nvcolor.exe 2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll 2013-08-09 00:55:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-08-09 00:55:07 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-08-09 00:55:06 5376 ----a-w- c:\windows\system32\drivers\usbd.sys 2013-08-08 06:05:59 6017536 ----a-w- c:\windows\system32\mshtml.dll.tmp 2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll.tmp 2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll 2013-08-03 21:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll 2013-07-24 21:12:14 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-07-24 21:12:13 867240 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-07-24 21:12:13 144896 ----a-w- c:\windows\system32\javacpl.cpl 2013-07-19 08:18:04 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-07-17 00:58:17 123008 ------w- c:\windows\system32\drivers\usbvideo.sys 2013-07-17 00:58:06 46848 ------w- c:\windows\system32\drivers\irbus.sys . ============= FINISH: 14:49:12.68 =============== attach log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 9/26/2007 1:46:52 PM System Uptime: 10/11/2013 1:22:02 PM (1 hours ago) . Motherboard: ASUSTeK Computer INC. | | M2A-VM HDMI Processor: AMD Athlon 64 X2 Dual Core Processor 4400+ | Socket AM2 | 2300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 233 GiB total, 96.004 GiB free. D: is CDROM (CDFS) E: is Removable F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: 1394 Net Adapter Device ID: V1394\NIC1394\00000000 Manufacturer: Microsoft Name: 1394 Net Adapter #2 PNP Device ID: V1394\NIC1394\00000000 Service: NIC1394 . ==== System Restore Points =================== . RP1: 10/10/2013 11:06:14 PM - System Checkpoint RP2: 10/10/2013 11:11:04 PM - Installed Windows XP KB2862330. RP3: 10/10/2013 11:12:21 PM - Installed Windows XP KB2883150. RP4: 10/10/2013 11:14:17 PM - Installed Windows XP KB2868038. RP5: 10/10/2013 11:18:09 PM - Installed Windows XP KB2862335. RP6: 10/10/2013 11:19:38 PM - Installed Windows XP KB2847311. RP7: 10/11/2013 10:10:18 AM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . A610 A710_A610_A510_Help Adobe AIR Adobe Flash Player 11 ActiveX Adobe Photoshop 7.0 Adobe Reader X (10.1.8) Adobe Shockwave Player 12.0 Advanced SystemCare 6 Advertising Center Apple Application Support AT&T Yahoo! Applications Behind The Chair Catalog - Education 2011 Behind The Chair Catalog - Fall 2011 Behind the Chair Catalog - Summer 2010 Box Edit BufferChm Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon MP Navigator 3.0 Canon MP Navigator EX 4.1 Canon MP160 Canon MP160 User Registration Canon MX410 series MP Drivers Canon MX410 series User Registration Canon My Printer Canon Solution Menu EX Canon Speed Dial Utility Canon Utilities Easy-PhotoPrint Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Czech Catalyst Control Center Localization Danish Catalyst Control Center Localization Dutch Catalyst Control Center Localization Finnish Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Greek Catalyst Control Center Localization Hungarian Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Norwegian Catalyst Control Center Localization Polish Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Russian Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish Catalyst Control Center Localization Thai Catalyst Control Center Localization Turkish ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Clone Wars Critical Update for Windows Media Player 11 (KB959772) CustomerResearchQFolder DeviceManagementQFolder Disney Fairies Screensaver Dropbox EA Download Manager eSupportQFolder EVGA Display Driver Eye Candy 4000 FINAL FANTASY XIV - A Realm Reborn (Beta Version) FREE Wild Things Google Chrome Google Toolbar for Internet Explorer Google Update Helper Guild Wars Happy Cloud Client HD-DV decoder Hewlett-Packard ACLM.NET v1.1.0.0 High Definition Audio Driver Package - KB888111 HighMAT Extension to Microsoft Windows XP CD Writing Wizard HiJackThis HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Format SDK (KB902344) Hotfix for Windows Media Format SDK (KB910998) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB2756822) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB932716-v2) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Customer Participation Program 7.0 HP Imaging Device Functions 7.0 HP Photosmart and Deskjet 7.0 Software HP Photosmart Essential HP Product Assistant HP Product Detection HP Solution Center 7.0 HP Update hph_ProductContext hph_readme hph_software hph_software_req HPPhotoSmartExpress HPProductAssistant InstantShareDevicesMFC IrfanView (remove only) Java 7 Update 25 Java Auto Updater Kalydo Player 5.01.00 LightScribe 1.4.136.1 Malwarebytes Anti-Malware version 1.75.0.1300 MarketResearch McAfee Security Scan Plus McAfee SecurityCenter Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2742597) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft IntelliPoint 6.01 Microsoft IntelliType Pro 6.01 Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Professional 2007 Trial Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Windows Journal Viewer Microsoft XML Parser Microsoft XNA Framework Redistributable 3.0 MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) MSXML 4.0 SP3 Parser (KB973685) Nero 7 Essentials Nero ControlCenter Nero Installer Nero Music2Go Nero Music2Go for NINTENDO DSi Trial Nero Music2Go Help NexusFont 2.5 (ver 2.5.8.1582) Nikon File Uploader 2 Nikon Message Center 2 NVIDIA Control Panel 326.80 NVIDIA Display Control Panel NVIDIA Drivers NVIDIA GeForce Experience 1.6 NVIDIA Graphics Driver 326.80 NVIDIA HD Audio Driver 1.3.26.4 NVIDIA Install Application NVIDIA nView 140.62 NVIDIA nView Desktop Manager NVIDIA PhysX NVIDIA PhysX System Software 9.13.0725 NVIDIA Update 7.2.17 NVIDIA Update Components Paint Shop Pro 7 ESD PanoStandAlone Picasa 3 Picture Control Utility Pirate101 PowerDVD QuickTime REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver RemnantKnights SAMSUNG USB Driver for Mobile Phones Screenscapes Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft Windows (KB2564958) Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB2647516) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Internet Explorer 8 (KB2722913) Security Update for Windows Internet Explorer 8 (KB2744842) Security Update for Windows Internet Explorer 8 (KB2761465) Security Update for Windows Internet Explorer 8 (KB2792100) Security Update for Windows Internet Explorer 8 (KB2797052) Security Update for Windows Internet Explorer 8 (KB2799329) Security Update for Windows Internet Explorer 8 (KB2809289) Security Update for Windows Internet Explorer 8 (KB2817183) Security Update for Windows Internet Explorer 8 (KB2829530) Security Update for Windows Internet Explorer 8 (KB2838727) Security Update for Windows Internet Explorer 8 (KB2846071) Security Update for Windows Internet Explorer 8 (KB2847204) Security Update for Windows Internet Explorer 8 (KB2862772) Security Update for Windows Internet Explorer 8 (KB2870699) Security Update for Windows Internet Explorer 8 (KB2879017) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Internet Explorer 8 (KB974455) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB2834904-v2) Security Update for Windows Media Player (KB2834904) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows Media Player 9 (KB936782) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2660465) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2731847) Security Update for Windows XP (KB2753842-v2) Security Update for Windows XP (KB2753842) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2761226) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2778344) Security Update for Windows XP (KB2779030) Security Update for Windows XP (KB2780091) Security Update for Windows XP (KB2799494) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB2808735) Security Update for Windows XP (KB2813170) Security Update for Windows XP (KB2813345) Security Update for Windows XP (KB2820197) Security Update for Windows XP (KB2820917) Security Update for Windows XP (KB2829361) Security Update for Windows XP (KB2834886) Security Update for Windows XP (KB2839229) Security Update for Windows XP (KB2845187) Security Update for Windows XP (KB2847311) Security Update for Windows XP (KB2849470) Security Update for Windows XP (KB2850851) Security Update for Windows XP (KB2850869) Security Update for Windows XP (KB2859537) Security Update for Windows XP (KB2862330) Security Update for Windows XP (KB2862335) Security Update for Windows XP (KB2864063) Security Update for Windows XP (KB2868038) Security Update for Windows XP (KB2876217) Security Update for Windows XP (KB2876315) Security Update for Windows XP (KB2883150) Security Update for Windows XP (KB893066) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Shared C Run-time for x86 SierraHome Print Artist 8.0 Skins SolutionCenter SPORE™ Spybot - Search & Destroy SpywareBlaster 4.4 SpywareGuard v2.2 Status swMSM TERA Toolbox TrayApp TRENDnet TEW-421PC or TEW-423PI Unity Web Player Unload Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB2632503) Update for Windows Internet Explorer 8 (KB971180) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB976749) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB982632) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2718704) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB2808679) Update for Windows XP (KB2863058) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) ViewNX 2 WebFldrs XP WebReg Wild Things Pets Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live ID Sign-in Assistant Windows Management Framework Core Windows Media Format 11 runtime Windows Media Hotfix - KB895181 Windows Media Player 11 Windows XP Service Pack 3 WinX DVD Ripper 5.5.1 Wizard101 Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 10/8/2013 5:20:46 PM, error: Print [19] - Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer4. 10/7/2013 8:09:35 AM, error: Print [19] - Sharing printer failed + 1722, Printer HP Photosmart A610 series share name Printer5. 10/5/2013 12:22:08 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\D. 10/5/2013 10:58:28 AM, error: Service Control Manager [7000] - The npkcrypt service failed to start due to the following error: The system cannot find the path specified. 10/5/2013 10:58:17 AM, error: NIC1394 [5002] - 1394 Net Adapter #2 : Has determined that the adapter is not functioning properly. 10/4/2013 9:09:25 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\D. 10/4/2013 8:42:33 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the SSDP Discovery Service service to connect. 10/4/2013 8:42:33 AM, error: Service Control Manager [7000] - The SSDP Discovery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10/4/2013 7:47:13 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\D. 10/4/2013 7:29:30 AM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\D. 10/11/2013 10:09:45 AM, error: SideBySide [36] - The assembly x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.23084_x-ww_f3f35550 has missing or invalid files; recovery of this assembly failed. 10/11/2013 1:23:12 PM, error: Service Control Manager [7005] - The LoadUserProfile call failed with the following error: The process cannot access the file because it is being used by another process. 10/10/2013 6:43:02 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\D. . ==== End Of File ===========================

malwarebytes found 17 items. i had them removed. Im having trouble with the dds you want me to run. The link isnt working for me. I click on it, a window opens, then IE blocks it from opening it all the way. I click on the yellow tab to allow the file to download, and nothing happens.

This is my wife's PC. The other day my daughter was on it playing games. Then the pc shutdown and started back up on its own. When rebooting, it said there was some windows files that were corrupt. I used the start with last known configuration option and it booted up. Then it said it needed the XP cd to replace some files that were bad. I inserted it, and it copied over some files. Ever since then, the CPU has been running eratically, from 2% to 100%. Therefore i feel its been infected with something, so in here to ask for help. By the way, shes running XP pro.

Alot better! Some other programs would not show thumbnails before, and now they are. We are using Mcaffee Security Center, have any recommendations on another Security Center to use?

Here is the Eset results: Esetresults.txt

You asked to remove the application Getsavin. When i went to control panel, and clicked on the remove, it said it might have already been removed, click OK, to remove from the list. So i did. Here is the results for Malware: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.23.01 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Mike :: TRON33 [administrator] 6/23/2013 4:05:07 AM mbam-log-2013-06-23 (04-05-07).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 241842 Time elapsed: 10 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Here is Roguekiller: RogueKiller V8.6.1 [Jun 19 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Mike [Admin rights] Mode : Scan -- Date : 06/23/2013 04:24:23 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 3 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3500418AS +++++ --- User --- [MBR] 274abf4202f56e82721d0460acd6960c [bSP] 32983720ae5a1b934daac9c779f105a5 : Empty MBR Code Partition table: 0 - [ACTIVE] EXTEN (0x05) [VISIBLE] Offset (sectors): 1008 | Size: 476939 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive1: ST3500418AS +++++ --- User --- [MBR] 8b7bd9802c7265530a824b78b2c400a0 [bSP] d602d0ad0fb07330c62657bd886a6d8f : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476929 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_S_06232013_042423.txt >>