Dora2013

  1. It is now running smoothly and a lot faster. Thank you so much for your help
  2. and here is the security log

     Results of screen317's Security Check version 0.99.63
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Norton 360
     WMI entry may not exist for antivirus; attempting automatic update.
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 7 Update 17
     Java version out of Date!
     Adobe Reader 10.1.6 Adobe Reader out of Date!
     Google Chrome 26.0.1410.64
     ````````Process Check: objlist.exe by Laurent````````
     Norton ccSvcHst.exe
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 6%
     ````````````````````End of Log``````````````````````
  3. ok so I have done the start up lite, thanks, and also the OTL with the above commands. Log is here; I will do the security check now and post them next.

     All processes killed
     ========== OTL ==========
     Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
     64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.
     Registry value HKEY_USERS\S-1-5-21-2778816384-1052430406-1639427989-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
     C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk moved successfully.
     C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk moved successfully.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
     File Protocol\Handler\livecall - No CLSID value found not found.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
     File Protocol\Handler\msnim - No CLSID value found not found.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
     File Protocol\Handler\skype4com - No CLSID value found not found.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
     File Protocol\Handler\wlmailhtml - No CLSID value found not found.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
     File Protocol\Handler\wlpg - No CLSID value found not found.
     64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
     64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
     Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
     Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
     ========== COMMANDS ==========

     [EMPTYJAVA]

     User: All Users
     User: Default
     User: Default User
     User: Dora n Tony
     ->Java cache emptied: 1321840 bytes
     User: Mcx1-MAWFAMILY
     User: Public
     User: UpdatusUser
     Total Java Files Cleaned = 1.00 mb

     [EMPTYTEMP]

     User: All Users
     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 56504 bytes
     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     ->Flash cache emptied: 0 bytes
     User: Dora n Tony
     ->Temp folder emptied: 1380156 bytes
     ->Temporary Internet Files folder emptied: 3449861 bytes
     ->Java cache emptied: 0 bytes
     ->Google Chrome cache emptied: 163868052 bytes
     ->Apple Safari cache emptied: 2287616 bytes
     ->Flash cache emptied: 15488376 bytes
     User: Mcx1-MAWFAMILY
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 67 bytes
     User: Public
     ->Temp folder emptied: 0 bytes
     User: UpdatusUser
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes
     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 6548 bytes
     %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 8399027 bytes
     %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 761 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42304810 bytes
     RecycleBin emptied: 37636 bytes
     Total Files Cleaned = 226.00 mb

     [EMPTYFLASH]

     User: All Users
     User: Default
     ->Flash cache emptied: 0 bytes
     User: Default User
     ->Flash cache emptied: 0 bytes
     User: Dora n Tony
     ->Flash cache emptied: 0 bytes
     User: Mcx1-MAWFAMILY
     User: Public
     User: UpdatusUser
     Total Flash Files Cleaned = 0.00 mb

     OTL by OldTimer - Version 3.2.69.0 log created on 05052013_131404

     Files\Folders moved on Reboot...
     C:\Users\Dora n Tony\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
     C:\Users\Dora n Tony\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
     File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

     PendingFileRenameOperations files...

     Registry entries deleted on Reboot...
  4. and the second log file thanks
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008/05/06 14:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2006/11/01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2013/04/13 00:53:05 | 001,390,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2013/01/16 16:02:57 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130504.007\ex64.sys -- (NAVEX15) DRV - [2013/01/16 16:02:57 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130504.007\eng64.sys -- (NAVENG) DRV - [2012/12/26 18:16:32 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130503.001\IDSviA64.sys -- (IDSVia64) DRV - [2012/08/22 18:51:05 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2012/08/22 18:51:05 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2010/12/20 07:42:04 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk) DRV - 
[2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0FAE7382-38B5-4B8F-8170-7508B6C443D6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=9Nxdm038YYqa&ptb=7020143A-AADB-49BC-B947-E3F8B3EB4506&ind=2011100702&ptnrS=9Nxdm038YYqa&si=89660&n=77def61e&psa=&st=sb&searchfor={searchTerms} IE - HKLM\..\SearchScopes\{75B05CFA-007E-0BFC-A0BB-450906507DF5}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={4B60C20D-B269-11E1-8E1D-BD92C4DE101E} IE - HKLM\..\SearchScopes\{9a3b19bb-9b55-4dd7-b8a2-fb2bad65cc3b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z9xdm068YYqa&ptb=980F191F-D6FC-4978-A133-734C23BCA364&psa=&ind=2011100705&ptnrS=Z9xdm068YYqa&si=&st=sb&n=77def621&searchfor={searchTerms} IE - HKLM\..\SearchScopes\{C156A50D-D3F0-452D-B056-33E662389FEE}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://www1.euro.dell.com/content/default.aspx?c=ae&l=ar&s=gen IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/ IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 83 C0 87 20 49 CE 01 [binary data] IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes,Backup.Old.DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes,DefaultScope = {0FAE7382-38B5-4B8F-8170-7508B6C443D6} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{01FC34EA-A919-40C1-9794-DBCA0014DB7D}: "URL" = http://www.google.com/search?q={searchTerms} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{145671D5-9229-44FC-B1A7-9C78A7839B79}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=F3A6C623-6468-472E-9791-A983C21B078E&apn_sauid=498B17BB-96AC-4090-B699-7B2E9145B2F5 IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=9Nxdm038YYqa&ptb=7020143A-AADB-49BC-B947-E3F8B3EB4506&ind=2011100702&ptnrS=9Nxdm038YYqa&si=89660&n=77def61e&psa=&st=sb&searchfor={searchTerms} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = 
http://start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{75B05CFA-007E-0BFC-A0BB-450906507DF5}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={4B60C20D-B269-11E1-8E1D-BD92C4DE101E} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{9a3b19bb-9b55-4dd7-b8a2-fb2bad65cc3b}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=Z9xdm068YYqa&ptb=980F191F-D6FC-4978-A133-734C23BCA364&psa=&ind=2011100705&ptnrS=Z9xdm068YYqa&si=&st=sb&n=77def621&searchfor={searchTerms} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.co.uk/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_uk_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_7cba60bf435149239e64947da9c035a1_39_1006_20130419_GB_ie_ds_&query={searchTerms} IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local> ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program 
Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media ) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Dora n Tony\AppData\Local\Roblox\Versions\version-12f64e18967d4a22\\NPRobloxProxy.dll () FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dora n Tony\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Dora n Tony\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Dora n Tony\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Dora n Tony\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dora n Tony\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dora n Tony\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dora n Tony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/05/05 10:06:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2012/12/27 18:33:18 | 000,000,000 | ---D | M] [2012/01/05 15:52:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dora n Tony\AppData\Roaming\Mozilla\Firefox\extensions [2012/01/05 15:52:08 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Dora n Tony\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = 
{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\gcswf32.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - 
plugin: Fun Web Products Plugin Stub (Enabled) = C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\MyOwnSuperhero\bar\1.bin\NPv3Stub.dll CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\NP12Stub.dll CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Dora n Tony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Users\Dora 
n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Skype Click to Call = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\ CHR - Extension: Norton Identity Protection = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\ CHR - Extension: Gmail = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: YouTube = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Skype Click to Call = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\ CHR - Extension: Norton Identity Protection = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\ CHR - Extension: Gmail = C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2013/05/05 00:36:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [bTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000..\Run: [WirelessManager] C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe (Ericsson AB) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002..\Run: [Akamai NetSession Interface] C:\Users\Dora n Tony\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) 
O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002..\Run: [WirelessManager] C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe (Ericsson AB) O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell) O4 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = File not found O4 - Startup: C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk = File not found O4 - Startup: C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - 
HKU\S-1-5-21-2778816384-1052430406-1639427989-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\..Trusted Domains: sony.com ([]* in Trusted sites) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E92D631D-654C-4F7C-BDDF-5F57B2E3BD2E}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/05/05 01:23:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013/05/05 00:45:36 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/05/05 00:38:27 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013/05/04 23:50:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/05/04 23:50:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/05/04 23:50:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/05/04 23:42:44 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/05/04 23:42:20 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/05/04 23:40:28 | 005,065,726 | R--- | C] (Swearware) -- C:\Users\Dora n Tony\Desktop\ComboFix.exe [2013/05/04 22:48:20 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Local\WinZip [2013/05/04 22:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip [2013/05/04 22:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip [2013/05/04 22:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip [2013/05/04 22:44:05 | 000,368,856 | ---- | C] (WinZip Computing) -- C:\Users\Dora n Tony\Desktop\WinZip170.exe [2013/05/04 22:36:00 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\Desktop\New folder [2013/05/04 19:56:49 | 000,000,000 | ---D | C] -- 
C:\Users\Dora n Tony\AppData\Local\{1F2F3DC6-2E66-463E-8EC2-45F49E516EE9} [2013/05/04 16:29:32 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\Desktop\RK_Quarantine [2013/05/03 23:26:23 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Local\NPE [2013/05/03 21:31:13 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Roaming\Malwarebytes [2013/05/03 21:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/05/03 21:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013/05/03 21:31:08 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/05/03 21:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/05/03 21:24:32 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Roaming\Foresight Software [2013/05/03 21:24:32 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Roaming\DriverCure [2013/05/03 21:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Foresight Software [2013/05/03 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foresight Software [2013/05/01 21:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013/04/24 20:28:08 | 000,042,184 | ---- | C] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys [2013/04/24 20:18:34 | 000,046,792 | ---- | C] (AnchorFree Inc.) 
-- C:\Windows\SysNative\drivers\hssdrv6.sys [2013/04/19 14:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak [2013/04/19 14:34:01 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup [2013/04/19 14:34:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup [2013/04/19 14:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon [2013/04/19 14:32:36 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Local\Programs [2013/04/19 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\AppData\Roaming\Systweak [2013/04/19 14:32:30 | 000,020,312 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe [2013/04/06 11:55:49 | 000,000,000 | ---D | C] -- C:\Users\Dora n Tony\Documents\Dor's Garmin [2013/04/06 11:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013/04/05 21:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin [2013/04/05 21:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin [2011/12/25 11:54:11 | 000,689,552 | ---- | C] (MindSpark) -- C:\Program Files (x86)\j2Uninstall SoccerInferno.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/05/05 10:10:25 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/05/05 10:10:25 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/05/05 10:09:14 | 000,727,398 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/05/05 10:09:14 | 000,629,326 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/05/05 10:09:14 | 000,111,220 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/05/05 10:03:44 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/05/05 10:03:33 | 
000,001,960 | ---- | M] () -- C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk [2013/05/05 10:02:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/05/05 10:02:33 | 469,372,927 | -HS- | M] () -- C:\hiberfil.sys [2013/05/05 01:15:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA.job [2013/05/05 01:15:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/05/05 01:01:00 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job [2013/05/05 00:36:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/05/05 00:33:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/05/05 00:23:14 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA.job [2013/05/04 23:40:43 | 005,065,726 | R--- | M] (Swearware) -- C:\Users\Dora n Tony\Desktop\ComboFix.exe [2013/05/04 22:48:05 | 012,917,756 | ---- | M] () -- C:\Users\Dora n Tony\Desktop\mbar-1.05.0.1001.zip [2013/05/04 22:47:01 | 000,002,283 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk [2013/05/04 22:44:05 | 000,368,856 | ---- | M] (WinZip Computing) -- C:\Users\Dora n Tony\Desktop\WinZip170.exe [2013/05/04 17:12:06 | 000,628,743 | ---- | M] () -- C:\Users\Dora n Tony\Desktop\adwcleaner.exe [2013/05/04 16:51:17 | 000,791,040 | ---- | M] () -- C:\Users\Dora n Tony\Desktop\RogueKillerX64 (1).exe [2013/05/04 15:34:54 | 000,002,285 | ---- | M] () -- C:\Users\Dora n Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013/05/04 15:34:54 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/05/04 15:05:50 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core.job 
[2013/05/04 14:52:19 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core.job [2013/05/03 23:26:31 | 002,456,939 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\Cat.DB [2013/05/03 23:15:38 | 000,000,454 | ---- | M] () -- C:\Windows\tasks\PC Helper 360.job [2013/05/03 21:31:09 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/05/02 10:33:00 | 000,002,360 | ---- | M] () -- C:\{B5F016AD-A30A-4BD4-B909-2B6AA87EC50D} [2013/05/01 03:04:48 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/05/01 03:04:48 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/04/24 20:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) -- C:\Windows\SysNative\drivers\taphss6.sys [2013/04/24 20:18:34 | 000,046,792 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys [2013/04/19 14:34:22 | 000,001,207 | ---- | M] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk [2013/04/19 14:34:01 | 000,001,103 | ---- | M] () -- C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2013/04/19 14:34:01 | 000,001,093 | ---- | M] () -- C:\Users\Dora n Tony\Desktop\MyPC Backup.lnk [2013/04/17 21:25:56 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403010.016\VT20130115.021 [2013/04/13 14:07:47 | 000,323,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/04/06 11:44:42 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Garmin Express.lnk [2013/04/06 10:59:32 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/05/04 23:50:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/05/04 23:50:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/05/04 23:50:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe 
[2013/05/04 23:50:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/05/04 23:50:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013/05/04 22:48:05 | 012,917,756 | ---- | C] () -- C:\Users\Dora n Tony\Desktop\mbar-1.05.0.1001.zip [2013/05/04 22:47:00 | 000,002,283 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk [2013/05/04 17:12:05 | 000,628,743 | ---- | C] () -- C:\Users\Dora n Tony\Desktop\adwcleaner.exe [2013/05/04 17:03:36 | 000,161,728 | ---- | C] () -- C:\Program Files (x86)\12res.dll [2013/05/04 16:51:17 | 000,791,040 | ---- | C] () -- C:\Users\Dora n Tony\Desktop\RogueKillerX64 (1).exe [2013/05/03 21:31:09 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/05/03 21:24:23 | 000,000,454 | ---- | C] () -- C:\Windows\tasks\PC Helper 360.job [2013/05/02 10:32:57 | 000,002,360 | ---- | C] () -- C:\{B5F016AD-A30A-4BD4-B909-2B6AA87EC50D} [2013/05/01 03:04:48 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013/05/01 03:04:48 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013/04/19 14:34:22 | 000,001,207 | ---- | C] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk [2013/04/19 14:34:20 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\sasnative64.exe [2013/04/19 14:34:01 | 000,001,103 | ---- | C] () -- C:\Users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2013/04/19 14:34:01 | 000,001,093 | ---- | C] () -- C:\Users\Dora n Tony\Desktop\MyPC Backup.lnk [2013/04/06 11:44:42 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Garmin Express.lnk [2012/09/12 18:41:05 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012/05/22 15:58:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat [2012/05/07 17:21:35 | 000,226,125 | ---- | C] () -- C:\Users\Dora n Tony\SCAN9207_000.pdf [2012/04/12 12:26:33 | 000,000,107 | ---- | C] () -- C:\Windows\ka.ini [2011/12/25 11:54:11 | 000,161,728 | ---- | C] () 
-- C:\Program Files (x86)\j2res.dll [2011/10/28 09:20:50 | 000,735,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/08/19 16:27:38 | 000,009,216 | ---- | C] () -- C:\Users\Dora n Tony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/14 15:02:20 | 000,000,000 | ---- | C] () -- C:\Users\Dora n Tony\AppData\Local\{F9AEF232-F450-4BC9-A09E-84515B37E49F} [2011/07/08 12:42:15 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011/07/08 12:16:42 | 000,000,000 | ---- | C] () -- C:\Users\Dora n Tony\AppData\Local\rx_image32.Cache [2011/07/02 18:35:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/06/07 09:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011/06/07 09:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011/06/07 09:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011/06/07 09:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011/06/07 09:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe ========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" 
= %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011/11/13 06:56:50 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Awem [2012/07/27 12:04:18 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Azureus [2012/09/04 21:25:51 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2011/09/30 06:12:49 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Boomzap [2012/09/01 13:40:03 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\com.w3i.plyt [2013/05/03 21:24:32 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\DriverCure [2011/10/15 07:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\EleFun Games [2011/12/10 12:25:43 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\EscapeFromParadise2 [2011/07/02 16:48:37 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Fingertapps [2013/05/03 21:24:32 | 000,000,000 | ---D | 
M] -- C:\Users\Dora n Tony\AppData\Roaming\Foresight Software [2012/01/08 09:37:48 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\FreeArc [2013/04/06 11:45:08 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Garmin [2012/06/01 09:16:32 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Kaneva [2011/12/18 07:18:30 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Kuma Games [2011/12/26 11:24:07 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\LolClient [2011/08/13 14:11:17 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Participatory Culture Foundation [2011/07/05 16:23:15 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\PCDr [2011/08/31 13:10:25 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\PCF-VLC [2011/11/18 08:41:49 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Registry Mechanic [2013/05/05 01:23:40 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Samsung [2013/05/05 00:56:15 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\SoftGrid Client [2013/04/26 17:58:01 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Systweak [2012/02/03 14:39:36 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Temp [2011/10/28 09:21:23 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\TP [2011/09/30 11:53:23 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Twilight Games [2011/07/02 18:01:48 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\WirelessManager [2011/12/25 11:55:20 | 000,000,000 | ---D | M] -- C:\Users\Dora n Tony\AppData\Roaming\Wondershare ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:6EE8565A @Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:16F4BC64 @Alternate Data Stream - 112 bytes -> 
C:\ProgramData\Temp:D1B5B4F1 @Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:94F67F32 < End of report >
  5. Hi Mr C, good morning to you. Please find the reports of the old timer test.

OTL Extras logfile created on: 5/5/2013 10:10:22 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dora n Tony\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.92 Gb Total Physical Memory | 3.51 Gb Available Physical Memory | 59.25% Memory free
11.83 Gb Paging File | 9.05 Gb Available in Paging File | 76.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 431.95 Gb Free Space | 74.29% Space Free | Partition Type: NTFS

Computer Name: MAWFAMILY | User Name: Dora n Tony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2778816384-1052430406-1639427989-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. 
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{026E6E9B-9B82-4182-9D10-57423CEDC533}" = lport=2869 | protocol=6 | dir=in | app=system | "{0B05189C-9842-4503-BDB9-74EB2B3BB851}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{0B7620CA-2877-4FA2-9906-48019AC07764}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0D4E04F7-2E34-4CC8-8010-82CEAA2C635F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{0FB3004C-4B71-45DC-A505-8F1878798A8D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{137A48F9-483B-4F5C-A94A-F5C24A76347E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{17C7DCC1-DADA-4660-84A1-630B73EC4CA3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{19401BFE-F362-41AD-97D2-87E916D40BFD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{1EE7E7DE-1119-41BD-A1A3-E64B06A74EB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{236CB419-3C78-4FFF-8973-3835F458ADF1}" = lport=10243 | protocol=6 | dir=in | app=system | "{268ED101-8A65-41F9-9889-625C66E63799}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2EA5F75B-E6C5-47A9-8000-25FCD464C1B2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3218E3B6-C132-4418-B229-708FE87D5DE1}" = 
rport=138 | protocol=17 | dir=out | app=system | "{38F2E87D-0581-406A-8C5B-41ACC655DADE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3C03F5F6-C4F6-4ADF-87A8-9CB3C144ACDA}" = lport=2869 | protocol=6 | dir=in | app=system | "{3C08930D-A7E5-4888-AADC-3C3AFCDCDDC4}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3F4FA10C-83C8-4EBA-9992-23F74F85048D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{416A36F3-20ED-4170-ACE6-ADB2A7ECBCA6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{417B9543-47E8-43F1-808B-C773D886F431}" = rport=137 | protocol=17 | dir=out | app=system | "{42ED8DFE-53B8-481C-A5BE-FCA9870B036E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4393064D-870B-4471-A55B-5560363EFAA8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{43F7F4BA-D837-40EB-A226-5CA84183FA29}" = lport=137 | protocol=17 | dir=in | app=system | "{5235E532-29A4-4180-BED9-BA5F20ACB49A}" = lport=138 | protocol=17 | dir=in | app=system | "{617958E2-69A0-4ABB-AC3B-748219BC5B1D}" = lport=10244 | protocol=6 | dir=in | app=system | "{6362186F-16E9-42FE-9D1F-F9879FC9A940}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{703A9E69-8126-4BC9-AA6C-3A5EA0D81B3D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{70AE3B58-D084-4D18-AA6D-13775A2CA4B3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{72E3A585-BE01-435A-AD75-D5FE92CB4D4D}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{773B2782-64B9-4B04-ACB5-4A58CA5776C8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{81B4641E-3CF2-482E-8468-B27A7821FD8B}" = lport=139 | protocol=6 | 
dir=in | app=system | "{835B75E7-B37F-4C74-82B0-5F35CE019E58}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{880A8DD6-9759-4AE4-A54B-FECC5475EEBD}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{8C5186BE-F406-40D5-AA77-8E8941F8EDF4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8D123C78-2827-4BAE-B129-1CC1ADBE068D}" = rport=10243 | protocol=6 | dir=out | app=system | "{96E929FA-8834-4E9D-B188-BF37C397ECBD}" = lport=2869 | protocol=6 | dir=in | app=system | "{977DC520-A976-4EA8-9FE4-8CC722671B66}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9B1B9147-B536-4212-A519-D62274744704}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{9D46294F-B6DF-49DB-A6F9-F52692D49126}" = lport=445 | protocol=6 | dir=in | app=system | "{9E7B4F15-8698-4B32-9A42-53A5EACBDBD3}" = lport=3390 | protocol=6 | dir=in | app=system | "{ADA9F9D0-BFA7-4E5E-B5B6-C7DAE113CBB6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{BD1B47CD-735E-4766-94CD-470272D134A5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BEEE428D-180C-4F99-86F2-903297C56675}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C02FCCBE-F801-43BA-A8F4-8E2A34B23FBB}" = rport=139 | protocol=6 | dir=out | app=system | "{C4AB0ED2-275F-4DF9-8CD7-980939AEE3AD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CE712167-E6D8-4EAF-80BC-DCEFBED5594F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D23B364A-6331-4E24-B640-7BF245794C48}" = lport=10244 | protocol=6 | dir=in | app=system | "{D7534B99-D076-4AA3-9A32-3359FA1C43C7}" = lport=3390 | protocol=6 | dir=in | app=system | "{DCECFD4C-35AF-4B61-98E8-1A76692E1855}" = rport=5355 | 
protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F402613D-8B6E-458F-8A47-9889746B33BC}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{004B8C87-F1BD-4AEA-AC0E-86816EF7EF22}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | "{006D8F09-18FA-4474-A741-2EC4704319F6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{07374886-8110-44FC-9BD0-539E01F46F93}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{0B066F72-94B9-4E65-898C-EC5A87D4E258}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{10DFBE7C-A1DB-4E40-9E02-1CD606D5D2DF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{118D5FE1-7C5F-47F8-9115-712B1EF176B9}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{1D6153F9-6057-4298-9A7A-79ADDF0841CD}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{20494D20-EFB3-4EA9-BD60-4177078BA6B2}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{25742144-1EA4-420C-80F0-7737632C2498}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | "{28E472CB-2707-4FA5-899B-949F135241D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2C68E90D-4CA7-4F8E-8138-5970C8A5A6AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2E63113F-ECCB-479D-B9B0-3136A6A0A6CD}" = protocol=6 | dir=out | app=system | "{2FD173AE-EF1A-4E65-99B3-D592D5F9FCFD}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe | "{361A98F3-B236-43C7-BA4E-1E78ECD00147}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{392F73A0-A868-4D33-BE9E-F861219E8811}" = protocol=17 | dir=in | 
app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{3CFFCD87-A0E7-4641-888B-8B9797DA9C58}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{40047A0C-78BA-4171-B638-EAAAC0953FCF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4783A22E-B040-4F6C-AB3D-AF097936F679}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{47E7CA4C-3819-44A5-BA32-029819F829A3}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | "{48EBBEB8-D3C3-4AE6-894B-930D4FD3778F}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | "{4BB7C8F4-BED1-4EBF-B5DE-81FE5F814A66}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | "{4D1D2B7D-D093-41D0-BBD6-76BE76E4EF71}" = protocol=17 | dir=in | app=c:\users\dora n tony\appdata\local\akamai\netsession_win.exe | "{556062EA-B5F4-4C36-9A2C-9ECB337F44E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{56267B58-6659-4F58-8EE9-C1859950AE77}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5CF1BC7A-498F-468C-BA9C-2A0CFFC47950}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{5FCF7B4A-4924-4061-BE2F-98A13FD28992}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{5FF09FC5-A483-4983-A79F-6ABFC46FDDF4}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{61CAC0D0-2FEC-4AD4-8594-6ECE6D4C1127}" = protocol=17 | dir=in | app=c:\program files (x86)\tango\tango.exe | "{6981C266-AD31-4514-A304-A8F6612AFD3A}" = dir=in | app=c:\users\dora n tony\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{751F9F0E-66ED-4C47-8205-BC14A3FAD54B}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{789BFC28-C551-4A63-A595-2F7D86A6B968}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{79FF6130-6E23-4D0F-9455-6ED7873B880A}" = protocol=6 | 
dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{7ECCB4EE-0F9F-4E51-BC5B-078B53D1D6FA}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe | "{8104410D-59F3-403E-AFC2-F41B61B32AA7}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | "{848FF40B-475F-47B1-9433-C5E5BB073EA0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8672175C-6F41-45CD-A5F9-1F086CE7EC3F}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | "{86968FC1-066A-4D3A-B781-1E7E4DA2AEC7}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{8AB56E5C-259E-4C17-81F0-E0730517BBBE}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{8DCE229E-6E4D-4135-A349-DD9A2D315099}" = protocol=17 | dir=in | app=c:\program files (x86)\kuma games beta\kuma2.exe | "{8E98D4E2-679D-44AE-8ED2-3B1A15213D6F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{95779781-9316-46E1-86BA-6C0AA27786E5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9B5F152E-5D03-4FF7-B0E0-0C9DF4ED2DA6}" = protocol=17 | dir=in | app=c:\users\dora n tony\appdata\local\microsoft\windows\temporary internet files\content.ie5\z068uhjh\freejack_downloader.exe | "{9BFDA702-82FB-448C-97DF-DB8041899885}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | "{9DC3ECD5-4335-47D9-AA03-E1265940CB39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9E4589DC-C3F8-4CED-848F-8BE1341D0F08}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A04A6322-4AC4-46A4-A945-B4C99EF66B0E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | "{A4F7842B-FA73-428B-9DDF-33CA87EDE914}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | "{A81913B5-AD75-4D6E-A4B2-434CDC718C8C}" = protocol=17 | dir=in | app=c:\program files 
(x86)\bonjour\mdnsresponder.exe | "{A9EC8BE4-C072-4CE1-8233-936DB4103CD2}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{AEDC4867-55B2-4410-9FCE-65667EE3538F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B02AE070-61D3-44CA-98BB-C06BAB2F3105}" = protocol=17 | dir=in | app=c:\program files (x86)\kuma games beta\kuma.exe | "{B0D4D5E0-1EE5-4A7C-9ECA-663C32D9B060}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | "{B8BFF7B1-2596-4F6F-96E7-798F365B0255}" = protocol=6 | dir=in | app=c:\program files (x86)\kuma games beta\kuma2.exe | "{B96E5DE0-ECED-49A0-BF8F-2819ED56C842}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{BB04F5A0-EE84-4361-AABA-2F0FE9261625}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{BBBC9FB9-9728-4988-B913-2D05CD7EC910}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{BCC3B63D-4D7E-49BA-BCE6-753AFA93341C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C2389FD1-999B-4A3F-8A97-6AE12845E303}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C2D19CA1-8370-4F87-9B51-3039FA827AC6}" = protocol=6 | dir=in | app=c:\users\dora n tony\appdata\local\microsoft\windows\temporary internet files\content.ie5\z068uhjh\freejack_downloader.exe | "{C300282D-A069-4AA2-B522-2F46A84F478E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | "{C3F63D30-D78F-4A34-B7A0-1E647A9C2862}" = protocol=6 | dir=in | app=c:\users\dora n tony\appdata\local\akamai\netsession_win.exe | "{C40FB175-DFFC-4EB6-AEF2-36FF8DBCD1A5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{C5AF6AB8-C284-4381-884C-864BB3FFE9A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C8C32095-C8CD-419A-BB82-657234A51C99}" = dir=in | app=c:\program files (x86)\common files\apple\apple application 
support\webkit2webprocess.exe | "{CCE48719-371D-440D-8F88-88D25F4E73E3}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{CD93CA68-CD75-4730-B91B-2FB2932CC084}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D034864F-7623-494D-B56C-FAFD2BF41D09}" = protocol=6 | dir=in | app=c:\program files (x86)\kuma games beta\kuma.exe | "{D32A0995-3F24-4B08-AE4F-E0A8DBA15C53}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D4F04840-D60D-470B-BFCD-AA2A5D040C2A}" = protocol=6 | dir=in | app=c:\program files (x86)\tango\tango.exe | "{DBD41DE5-A543-449F-A290-3C57B3E8BAD0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{DD8F7E48-AC01-48AE-BEA2-3B133F9D9275}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{EB15DE9C-01AF-4807-93A3-DC98592E9515}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe | "{ED3648BD-25A8-4E1F-9F6F-06A2EB59736A}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | "{F2F87AC8-3C62-4ECD-BCEE-854EC2996F33}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F8738B2C-F06E-43D8-AF96-91BFC31BAEA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F9CED354-2C8C-4B73-A41F-E523DA9CB39A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F9E68CC4-2149-4B36-B7D4-01B9DF3E90B1}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "TCP Query User{2793F987-7566-4475-8B4F-FBC2FEBC3396}C:\users\dora n tony\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dora n tony\appdata\local\akamai\netsession_win.exe | "TCP Query User{420906A4-06DA-4B9A-A19F-2BB74C79FE9C}C:\program files (x86)\tango\tango.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tango\tango.exe | "UDP Query User{382EF311-0496-4B9D-B08E-43750E882781}C:\users\dora n tony\appdata\local\akamai\netsession_win.exe" = 
protocol=17 | dir=in | app=c:\users\dora n tony\appdata\local\akamai\netsession_win.exe | "UDP Query User{E58055FE-92BF-4918-ADCC-133285520F2F}C:\program files (x86)\tango\tango.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tango\tango.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety "{07179D37-D5FE-4373-90D9-A25B992EFB3E}" = WD SmartWare "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64 "{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java 6 Update 23 (64-bit) "{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{710D4D91-1924-4A6B-8659-9CDE02DC7207}" = HP Deskjet 3050A J611 series Product Improvement Study "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud 
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.13.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0 "{C7B40C35-85AE-4303-9EEA-1A1EA779664D}" = Intel® PROSet/Wireless Software for Bluetooth® Technology "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}" = WinZip 17.0 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FB555BCF-9202-4886-9203-88C9A210D727}" = HP Deskjet 3050A J611 series Basic Device Software "98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) "Dell Support Center" = Dell Support Center "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client 
Profile "MyPC Backup" = MyPC Backup "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00FE2935-FB56-4410-AB5F-D6E70C1771D2}" = Garmin WebUpdater "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{22613FA5-4D3B-4EE5-8E4A-39EBE649324E}" = Garmin BaseCamp "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{23EEC842-57ED-4055-A056-9D4185DFB1AA}" = Dell Mobile Broadband Manager "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{39901B4C-E954-4471-ADAB-E786AEE326D1}" = Dell Stage "{3A3532ED-A121-4297-AA4F-70B60E4BD631}" 
= Playalot Games "{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin "{65135558-F1AE-4B9B-8C0B-180730ACA261}" = Garmin Express "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update "{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11 "{876AB032-B2A4-41FF-AF87-DBC78454C1B0}" = Garmin Update Service "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0409-0000-0000000FF1CE}" = 
Microsoft Office Starter 2010 - English "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93765DFA-8A67-41FB-9FC0-B12341CA65F3}" = Elevated Installer "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn "{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}" = Wizard101 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{C233BCC3-29C4-49C0-B955-0A94509FC4FC}" = Garmin Express Tray "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = 
Apple Software Update "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D6A0DD73-6EF2-9A8D-6F60-4F338F922B37}" = BBC iPlayer Desktop "{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage "{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}" = Garmin Express "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E7A8BC75-50A9-32F2-8DFB-C499D21881B7}" = Google Talk Plugin "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1D737AB-71A7-4D25-BB94-79DB090D6FF9}" = Dell MusicStage "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1" = Advanced System Protector "8461-7759-5462-8226" = Vuze "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Advanced Audio FX Engine" = Advanced Audio FX Engine "AirRivals_is1" = AirRivals "BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC 
iPlayer Desktop "Champions Online" = Champions Online "Cisco Connect" = Cisco Connect "Dell Webcam Central" = Dell Webcam Central "FreeArc" = FreeArc 0.666 "Google Chrome" = Google Chrome "HP Photo Creations" = HP Photo Creations "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage "JumpStart World Presents Pet Playground" = JumpStart World Presents Pet Playground "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "N360" = Norton 360 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "OpenAL" = OpenAL "UnityWebPlayer" = Unity Web Player "WD Link" = WD Link "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "WTA-18bff437-27c2-4492-874d-2be9aebd39e7" = Escape from Paradise 2 - A Kingdoms Quest ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2778816384-1052430406-1639427989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "f031ef6ac137efc5" = Dell Driver Download Manager ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2778816384-1052430406-1639427989-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Dora n Tony "Akamai" = Akamai NetSession Interface "f031ef6ac137efc5" = Dell Driver Download Manager "MyFreeCodec" = MyFreeCodec "SOE-DC Universe Online Live" = DC Universe Online Live "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 1/18/2013 4:28:34 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 1/18/2013 4:28:34 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 158154 Error - 1/18/2013 4:28:34 AM | 
Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 158154 Error - 1/18/2013 4:28:35 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 1/18/2013 4:28:35 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 159199 Error - 1/18/2013 4:28:35 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 159199 Error - 1/18/2013 4:28:36 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 1/18/2013 4:28:36 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 160228 Error - 1/18/2013 4:28:36 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 160228 Error - 1/18/2013 4:28:37 AM | Computer Name = MawFamily | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second [ Dell Events ] Error - 9/1/2011 12:30:34 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/1/2011 1:19:33 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/1/2011 1:19:33 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/4/2011 1:55:02 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. 
Error - 9/4/2011 1:55:02 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/4/2011 3:18:42 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/4/2011 3:18:42 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/8/2011 9:34:38 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/8/2011 9:34:38 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 9/10/2011 2:54:38 AM | Computer Name = MawFamily | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. [ Media Center Events ] Error - 9/16/2011 9:49:47 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 15:49:43 - Error connecting to the internet. 15:49:43 - Unable to contact server.. 
Error - 12/7/2011 10:27:36 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 17:27:35 - Failed to retrieve Directory (Error: Unable to connect to the remote server) Error - 12/7/2011 10:28:39 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 17:28:18 - Failed to retrieve MCESpotlight (Error: Unable to connect to the remote server) Error - 12/7/2011 10:29:24 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 17:29:00 - Failed to retrieve MCEClientUX (Error: Unable to connect to the remote server) Error - 12/7/2011 10:29:49 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 17:29:45 - Failed to retrieve Broadband (Error: Unable to connect to the remote server) Error - 12/7/2011 11:30:34 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 18:30:34 - Failed to retrieve Directory (Error: Unable to connect to the remote server) Error - 12/7/2011 11:31:39 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 18:31:18 - Failed to retrieve MCESpotlight (Error: Unable to connect to the remote server) Error - 12/7/2011 11:32:24 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 18:32:03 - Failed to retrieve MCEClientUX (Error: Unable to connect to the remote server) Error - 12/7/2011 11:32:46 AM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 18:32:45 - Failed to retrieve Broadband (Error: Unable to connect to the remote server) Error - 2/8/2012 12:49:22 PM | Computer Name = MawFamily | Source = MCUpdate | ID = 0 Description = 19:49:22 - Error connecting to the internet. 19:49:22 - Unable to contact server.. [ System Events ] Error - 5/4/2013 6:42:34 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7034 Description = The Bluetooth OBEX Service service terminated unexpectedly. It has done this 1 time(s). 
Error - 5/4/2013 6:42:35 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7034 Description = The Bluetooth Media Service service terminated unexpectedly. It has done this 1 time(s). Error - 5/4/2013 6:49:20 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7031 Description = The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Error - 5/4/2013 6:53:28 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Bluetooth Device Monitor service. Error - 5/4/2013 7:27:30 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 5/4/2013 7:35:33 PM | Computer Name = MawFamily | Source = Application Popup | ID = 1060 Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 5/4/2013 7:36:07 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7030 Description = The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error - 5/4/2013 7:59:21 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 
Error - 5/4/2013 7:59:51 PM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error - 5/5/2013 5:04:05 AM | Computer Name = MawFamily | Source = Service Control Manager | ID = 7011 Description = A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. < End of report >
  6. Yes, it is late here also. I will do this first thing and reply back. Thank you again for such wonderful help, goodnight.
  7. It just restarted but took some time to load up (longer than normal). Is this normal? Things once loaded seem OK now.
  8. Hi, please see the results. Also, the browsers have changed again: in Chrome it shows an Amazon and IE ist.msn. The logs: ComboFix 13-05-04.01 - Dora n Tony 04/05/2013 23:52:55.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6058.3453 [GMT 1:00] Running from: c:\users\Dora n Tony\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\GuffinsEI c:\program files (x86)\MyScrapNook_12EI c:\program files (x86)\MyScrapNook_12EI\Installr\1.bin\12EIPlug.dll c:\program files (x86)\MyScrapNook_12EI\Installr\1.bin\12EZSETP.dll c:\program files (x86)\MyScrapNook_12EI\Installr\1.bin\NP12EISb.dll c:\programdata\Roaming c:\users\Public\AlexaNSISPlugin.4884.dll c:\windows\SysWow64\muzapp.exe c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Created from 2013-04-04 to 2013-05-04 ))))))))))))))))))))))))))))))) . . 2013-05-04 21:48 . 2013-05-04 21:48 -------- d-----w- c:\users\Dora n Tony\AppData\Local\WinZip 2013-05-04 21:46 . 2013-05-04 21:47 -------- d-----w- c:\programdata\WinZip 2013-05-04 21:46 . 2013-05-04 21:46 -------- d-----w- c:\program files\WinZip 2013-05-04 16:03 . 2011-10-07 06:13 161728 ----a-w- c:\program files (x86)\12res.dll 2013-05-03 22:26 . 2013-05-03 22:36 -------- d-----w- c:\users\Dora n Tony\AppData\Local\NPE 2013-05-03 20:31 . 2013-05-03 20:31 -------- d-----w- c:\users\Dora n Tony\AppData\Roaming\Malwarebytes 2013-05-03 20:31 . 2013-05-03 20:31 -------- d-----w- c:\programdata\Malwarebytes 2013-05-03 20:31 . 
2013-05-03 20:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-05-03 20:31 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-05-03 20:24 . 2013-05-03 20:24 -------- d-----w- c:\users\Dora n Tony\AppData\Roaming\Foresight Software 2013-05-03 20:24 . 2013-05-03 20:24 -------- d-----w- c:\users\Dora n Tony\AppData\Roaming\DriverCure 2013-05-03 20:24 . 2013-05-03 20:28 -------- d-----w- c:\programdata\Foresight Software 2013-05-03 20:24 . 2013-05-03 20:24 -------- d-----w- c:\program files (x86)\Foresight Software 2013-05-01 20:41 . 2013-05-01 20:41 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-04-24 19:28 . 2013-04-24 19:28 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys 2013-04-24 19:18 . 2013-04-24 19:18 46792 ----a-w- c:\windows\system32\drivers\hssdrv6.sys 2013-04-24 15:01 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-19 13:34 . 2013-04-19 13:34 -------- d-----w- c:\programdata\Systweak 2013-04-19 13:34 . 2013-01-10 14:01 16896 ----a-w- c:\windows\system32\sasnative64.exe 2013-04-19 13:34 . 2013-04-25 15:20 -------- d-----w- c:\program files (x86)\MyPC Backup 2013-04-19 13:33 . 2013-05-04 14:38 -------- d-----w- c:\program files (x86)\Amazon 2013-04-19 13:32 . 2013-04-19 13:32 -------- d-----w- c:\users\Dora n Tony\AppData\Local\Programs 2013-04-19 13:32 . 2013-04-26 16:58 -------- d-----w- c:\users\Dora n Tony\AppData\Roaming\Systweak 2013-04-19 13:32 . 2013-02-28 15:27 20312 ----a-w- c:\windows\system32\roboot64.exe 2013-04-16 14:40 . 2013-04-17 20:25 -------- d-----w- c:\windows\system32\drivers\N360x64\1403010.016 2013-04-10 08:53 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-04-10 08:47 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-04-10 08:47 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-04-10 08:47 . 
2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-04-10 08:47 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-04-10 08:47 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-04-10 08:47 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-04-10 08:47 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe 2013-04-06 10:44 . 2013-04-06 10:44 -------- d-----w- c:\programdata\Package Cache 2013-04-05 20:38 . 2013-04-05 20:38 -------- d-----w- c:\program files (x86)\Garmin GPS Plugin 2013-04-05 20:38 . 2013-04-05 20:38 -------- d-----w- c:\program files\Garmin GPS Plugin 2013-04-05 19:27 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2013-04-05 19:27 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys 2013-04-05 19:27 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll 2013-04-05 19:27 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll 2013-04-05 19:27 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2013-04-05 19:27 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2013-04-05 19:27 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2013-04-05 19:27 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll 2013-04-05 19:27 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-04-17 20:30 . 2012-04-13 05:18 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-04-17 20:30 . 2011-07-11 13:22 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-13 13:02 . 2011-07-05 15:28 72702784 ----a-w- c:\windows\system32\MRT.exe 2013-04-03 17:01 . 2013-04-03 17:01 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-04-03 17:01 . 
2012-10-23 09:31 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2013-04-03 17:01 . 2011-04-03 08:45 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-02-12 05:45 . 2013-03-13 14:45 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 14:45 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 14:45 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 14:45 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 14:45 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 14:45 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 04:12 . 2013-03-20 21:09 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-02-06 07:42 . 2013-02-06 07:42 203544 ----a-w- c:\windows\system32\drivers\ssudmdm.sys 2013-02-06 07:42 . 2013-02-06 07:42 102936 ----a-w- c:\windows\system32\drivers\ssudbus.sys 2011-12-18 17:07 . 2011-12-25 10:54 689552 ----a-w- c:\program files (x86)\j2Uninstall SoccerInferno.dll 2011-12-18 17:07 . 2011-12-25 10:54 161728 ----a-w- c:\program files (x86)\j2res.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2010-07-28 194600] "Akamai NetSession Interface"="c:\users\Dora n Tony\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768] "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024] "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-03-27 1098072] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-17 559616] "Z1"="c:\users\Dora n Tony\Desktop\New folder\mbar.exe" [2013-03-23 1398856] . c:\users\Dora n Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ IMVU.lnk - c:\users\Dora n Tony\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe [N/A] MobileGo Service.lnk - c:\program files (x86)\Wondershare\MobileGo\MobileGoService.exe [N/A] Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568] MyPC Backup.lnk - c:\program files (x86)\MyPC Backup\MyPC Backup.exe [2013-4-8 1913896] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 4236288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-09-04 219632] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-10-27 36328] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496] R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-01-24 53008] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-12-20 20552] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-15 174168] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [2010-12-12 121960] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-07-30 25072] R3 RdpVideoMiniport;Remote Desktop Video Miniport 
Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-09-04 1116656] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-10-27 157672] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 16872] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 177640] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-04-24 42184] R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-12-20 16392] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-05 1255736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464] R3 X6va008;X6va008;c:\users\DORANT~1\AppData\Local\Temp\0083335.tmp [x] R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1403010.016\SYMDS64.SYS 
[2013-01-22 493656] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1403010.016\SYMEFA64.SYS [2013-01-31 1139800] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-04-12 1390680] S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1403010.016\ccSetx64.sys [2012-11-16 168096] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130503.001\IDSvia64.sys [2012-12-26 513184] S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-10-08 284008] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS [2012-11-16 224416] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1403010.016\SYMNETS.SYS [2013-01-31 432800] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 BackupStack;Computer Backup (MyPC Backup);c:\program files (x86)\MyPC Backup\BackupStack.exe [2013-04-08 32808] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-03-27 185688] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe [2012-12-24 
144520] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-03-09 288768] S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-03-09 1066896] S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-03-09 491920] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-01-24 274944] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-22 138912] S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-01-24 59904] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928] S3 
nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248] S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-05-04 14:34 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 20:30] . 2013-05-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core.job - c:\users\Dora n Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-21 09:18] . 2013-05-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA.job - c:\users\Dora n Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-02-21 09:18] . 2013-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-02 19:45] . 
2013-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-02 19:45] . 2013-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core.job - c:\users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-21 13:22] . 2013-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA.job - c:\users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-21 13:22] . 2013-05-04 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . 2013-05-03 c:\windows\Tasks\PC Helper 360.job - c:\program files (x86)\Foresight Software\PC Helper 360\pch360.exe [2013-01-15 21:40] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-19 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-19 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-19 417304] "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-05-30 2055816] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.1.1 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Nero MediaHome 4 - c:\program files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) WebBrowser-{90B49673-5506-483E-B92B-CA0265BD9CA8} - (no file) AddRemove-00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 - c:\program files (x86)\Advanced System Protector\unins000.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.3.1.22\diMaster.dll\" /prefetch:1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va008] "ImagePath"="\??\c:\users\DORANT~1\AppData\Local\Temp\0083335.tmp" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009" . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-05-05 00:38:25 ComboFix-quarantined-files.txt 2013-05-04 23:38 . 
Pre-Run: 464,034,934,784 bytes free Post-Run: 463,713,820,672 bytes free . - - End Of File - - D3A3ACB85C8157C852C8497897887D9B
  9. Apologies, doing a few things at once. I did not have the WinZip to extract the mbar. I have run the scan and no threats found. It takes a while to load from switch-on, and also the browser is now Bing, when it was Google earlier today. Does this mean anything? Thanks. Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.03.22.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 Dora n Tony :: MAWFAMILY [administrator] 04/05/2013 23:02:17 mbar-log-2013-05-04 (23-02-17).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 30355 Time elapsed: 10 minute(s), 29 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  10. Hello, I can't move them out of the zip folder. Am I just being daft!
  11. Hi, I have re-run adware cleaner whilst making the kids' tea. # AdwCleaner v2.300 - Logfile created 05/04/2013 at 20:02:18 # Updated 28/04/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Dora n Tony - MAWFAMILY # Boot Mode : Normal # Running from : C:\Users\Dora n Tony\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok Folder Deleted : C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Registry is clean. -\\ Google Chrome v26.0.1410.64 File : C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [19770 octets] - [04/05/2013 17:13:37] AdwCleaner[R2].txt - [19831 octets] - [04/05/2013 19:51:08] AdwCleaner[R3].txt - [19951 octets] - [04/05/2013 19:51:58] AdwCleaner[R4].txt - [1362 octets] - [04/05/2013 20:00:33] AdwCleaner[R5].txt - [1422 octets] - [04/05/2013 20:02:06] AdwCleaner[s1].txt - [331 octets] - [04/05/2013 19:51:23] AdwCleaner[s2].txt - [20084 octets] - [04/05/2013 19:52:37] AdwCleaner[s3].txt - [1357 octets] - [04/05/2013 20:02:18] ########## EOF - C:\AdwCleaner[s3].txt - [1417 octets] ##########
  12. # AdwCleaner v2.300 - Logfile created 05/04/2013 at 17:13:37
      # Updated 28/04/2013 by Xplode
      # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
      # User : Dora n Tony - MAWFAMILY
      # Boot Mode : Normal
      # Running from : C:\Users\Dora n Tony\Desktop\adwcleaner.exe
      # Option [search]
      ***** [services] *****
      ***** [Files / Folders] *****
      File Found : C:\user.js
      File Found : C:\Users\Dora n Tony\AppData\Local\funmoods-speeddial.crx
      File Found : C:\Users\Dora n Tony\Desktop\Continue SweetIM Installation.lnk
      File Found : C:\Users\Dora n Tony\Desktop\Search The Web.url
      File Found : C:\Users\Dora n Tony\Desktop\sweetpcfix.url
      File Found : C:\Users\Public\Desktop\eBay.lnk
      Folder Found : C:\Program Files (x86)\Advanced System Protector
      Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
      Folder Found : C:\Program Files (x86)\Conduit
      Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com
      Folder Found : C:\Program Files (x86)\GameTap Web Player
      Folder Found : C:\Program Files (x86)\Guffins
      Folder Found : C:\Program Files (x86)\MyScrapNook_12
      Folder Found : C:\Program Files (x86)\PriceGong
      Folder Found : C:\Program Files (x86)\Retrogamer_4w
      Folder Found : C:\Program Files (x86)\RobotBoom_60
      Folder Found : C:\ProgramData\Ask
      Folder Found : C:\ProgramData\Babylon
      Folder Found : C:\ProgramData\GameTap Web Player
      Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
      Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
      Folder Found : C:\ProgramData\Tarma Installer
      Folder Found : C:\ProgramData\Trymedia
      Folder Found : C:\Users\Dora n Tony\AppData\Local\Babylon
      Folder Found : C:\Users\Dora n Tony\AppData\Local\Conduit
      Folder Found : C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
      Folder Found : C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
      Folder Found : C:\Users\Dora n Tony\AppData\Local\TempDir
      Folder Found : C:\Users\Dora n Tony\AppData\LocalLow\Conduit
      Folder Found : C:\Users\Dora n Tony\AppData\LocalLow\FunWebProducts
      Folder Found : C:\Users\Dora n Tony\AppData\LocalLow\MyScrapNook_12
      Folder Found : C:\Users\Dora n Tony\AppData\LocalLow\PriceGong
      Folder Found : C:\Users\Dora n Tony\AppData\Roaming\Babylon
      ***** [Registry] *****
      Key Found : HKCU\Software\Alexa Internet
      Key Found : HKCU\Software\AppDataLow\Software\Conduit
      Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
      Key Found : HKCU\Software\AppDataLow\Software\PriceGong
      Key Found : HKCU\Software\AppDataLow\Software\RobotBoom_60
      Key Found : HKCU\Software\AppDataLow\Software\SmartBar
      Key Found : HKCU\Software\Conduit
      Key Found : HKCU\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
      Key Found : HKCU\Software\InstallCore
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
      Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E720452-B472-4954-B7AA-33069EB53906}
      Key Found : 
HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
      Key Found : HKLM\SOFTWARE\Classes\Interface\{FF777BF5-D424-4519-A61E-2B5BB204894D}
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
      Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
      Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
      Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
      Key Found : HKLM\SOFTWARE\Tarma Installer
      Key Found : HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
      Key Found : HKU\S-1-5-21-2778816384-1052430406-1639427989-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BD172BA-3F40-4303-BCA1-0484B5BA2A7B}
      Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
      Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]
      ***** [internet Browsers] *****
      -\\ Internet Explorer v10.0.9200.16537
      [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={4B60C20D-B269-11E1-8E1D-BD92C4DE101E}
      -\\ Google Chrome v26.0.1410.64
      File : C:\Users\Dora n Tony\AppData\Local\Google\Chrome\User Data\Default\Preferences
      [OK] File is clean.
      *************************
      AdwCleaner[R1].txt - [19793 octets] - [04/05/2013 17:13:37]
      ########## EOF - C:\AdwCleaner[R1].txt - [19854 octets] ##########
  13. RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
      mail : tigzyRK<at>gmail<dot>com
      Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
      Website : http://tigzy.geekstogo.com/roguekiller.php
      Blog : http://tigzyrk.blogspot.com/
      Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
      Started in : Normal mode
      User : Dora n Tony [Admin rights]
      Mode : Scan -- Date : 05/04/2013 16:52:46
      | ARK || FAK || MBR |
      ¤¤¤ Bad processes : 0 ¤¤¤
      ¤¤¤ Registry Entries : 15 ¤¤¤
      [services][ROGUE ST] HKLM\[...]\ControlSet001\Services\X6va008 (C:\Users\Dora n Tony\AppData\Local\Temp\0083335.tmp) [x] -> FOUND
      [services][ROGUE ST] HKLM\[...]\ControlSet002\Services\X6va008 (C:\Users\Dora n Tony\AppData\Local\Temp\0083335.tmp) [x] -> FOUND
      [TASK][PREVRUN] SymInstallStub.job : C:\Users\Dora n Tony\AppData\Local\Temp\Adobe\Shockwave 11\SymInstallStub.exe /partnerid=adobe /productlist=rm /staging=false /delay=0 /lang=English /debug /desktopshortcut=1 /startmenushortcut=1 /task [x] -> FOUND
      [TASK][PREVRUN] GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA.job : C:\Users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [x] -> FOUND
      [TASK][PREVRUN] GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core.job : C:\Users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe /c [x] -> FOUND
      [TASK][PREVRUN] FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA.job : C:\Users\Dora n Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler [x] -> FOUND
      [TASK][PREVRUN] FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core.job : C:\Users\Dora n Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver [x] -> FOUND
      [TASK][PREVRUN] FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core : C:\Users\Dora n Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver [x] -> FOUND
      [TASK][PREVRUN] FacebookUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA : C:\Users\Dora n Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler [x] -> FOUND
      [TASK][PREVRUN] GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002Core : C:\Users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe /c [x] -> FOUND
      [TASK][PREVRUN] GoogleUpdateTaskUserS-1-5-21-2778816384-1052430406-1639427989-1002UA : C:\Users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [x] -> FOUND
      [TASK][PREVRUN] SymInstallStub : C:\Users\Dora n Tony\AppData\Local\Temp\Adobe\Shockwave 11\SymInstallStub.exe /partnerid=adobe /productlist=rm /staging=false /delay=0 /lang=English /debug /desktopshortcut=1 /startmenushortcut=1 /task [x] -> FOUND
      [sTARTUP][PREVRUN] IMVU.lnk @Dora n Tony : C:\Users\Dora n Tony\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe [x] -> FOUND
      [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
      [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
      ¤¤¤ Particular Files / Folders: ¤¤¤
      ¤¤¤ Driver : [NOT LOADED] ¤¤¤
      ¤¤¤ HOSTS File: ¤¤¤
      --> C:\Windows\system32\drivers\etc\hosts
      ¤¤¤ MBR Check: ¤¤¤
      +++++ PhysicalDrive0: TOSHIBA MK6461GSY +++++
      --- User ---
      [MBR] 979705b77092b10a27a5231dd6d6d32e
      [bSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
      Partition table:
      0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
      1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 208845 | Size: 15000 Mo
      2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30928845 | Size: 595377 Mo
      User = LL1 ... OK!
      User = LL2 ... OK!
      Finished : << RKreport[1]_S_05042013_02d1652.txt >>
      RKreport[1]_S_05042013_02d1652.txt
  14. Hello there, thank you for your help, I hope I have this right
      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2012-11-20.01)
      .
      Microsoft Windows 7 Home Premium
      Boot Device: \Device\HarddiskVolume2
      Install Date: 02/07/2011 15:28:50
      System Uptime: 04/05/2013 04:35:10 (11 hours ago)
      .
      Motherboard: Dell Inc. | | 0NJT03
      Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU | 780/100mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 581 GiB total, 433.303 GiB free.
      D: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID:
      Description: Bluetooth Peripheral Device
      Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&CD9ECF4&0&0CDFA417F39D_C00000000
      Manufacturer:
      Name: Bluetooth Peripheral Device
      PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&CD9ECF4&0&0CDFA417F39D_C00000000
      Service:
      .
      ==== System Restore Points ===================
      .
      RP156: 13/04/2013 14:01:08 - Windows Update
      RP157: 13/04/2013 14:30:04 - Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
      RP158: 19/04/2013 14:35:59 - RegClean Pro Fri, Apr 19, 13 14:35
      RP159: 25/04/2013 08:06:49 - Windows Update
      RP160: 01/05/2013 03:00:22 - Windows Update
      RP161: 03/05/2013 23:26:10 - Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
      .
      ==== Installed Programs ======================
      .
AccelerometerP11 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.6) MUI Adobe Shockwave Player 11.6 Advanced Audio FX Engine Advanced System Protector AirRivals Akamai NetSession Interface Apple Application Support Apple Mobile Device Support Apple Software Update Ask Toolbar Ask Toolbar Updater µTorrent Babylon toolbar on IE BBC iPlayer Desktop Bing Bar Bonjour Champions Online Cisco Connect D3DX10 DC Universe Online Live Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell Driver Download Manager Dell Edoc Viewer Dell Getting Started Guide Dell Mobile Broadband Manager Dell MusicStage Dell PhotoStage Dell Stage Dell Support Center Dell VideoStage Dell Webcam Central DirectX 9 Runtime Download Updater (AOL Inc.) eBay Elevated Installer Escape from Paradise 2 - A Kingdoms Quest Facebook Video Calling 1.2.0.287 FreeArc 0.666 GameTap Web Player Garmin BaseCamp Garmin Communicator Plugin Garmin Communicator Plugin x64 Garmin Express Garmin Express Tray Garmin MapSource Garmin Update Service Garmin USB Drivers Garmin WebUpdater Google Chrome Google Earth Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper Guffins Toolbar Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) Hotspot Shield 2.93 HP Deskjet 3050A J611 series Basic Device Software HP Deskjet 3050A J611 series Help HP Deskjet 3050A J611 series Product Improvement Study HP Games HP Photo Creations HP Update iCloud Intel PROSet Wireless Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® PROSet/Wireless WiFi Software Intel® Turbo Boost Technology Monitor 2.0 iTunes Java 7 Update 17 Java Auto Updater Java 6 Update 23 (64-bit) JMicron Flash Media Controller Driver JumpStart World Presents Pet Playground Junk Mail filter update Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Client 
Profile Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 MobileMe Control Panel MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) My Scrap Nook MyFreeCodec MyOwnSuperhero MyPC Backup Norton 360 NVIDIA 3D Vision Driver 306.97 NVIDIA Control Panel 306.97 NVIDIA Graphics Driver 306.97 NVIDIA HD Audio Driver 1.1.13.1 NVIDIA Install Application NVIDIA Optimus 1.10.8 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.10.8 NVIDIA Update Components OpenAL Pando Media Booster PhotoShowExpress Playalot Games PriceGong 2.6.7 Quickset64 QuickTime RBVirtualFolder64Inst Realtek High Definition Audio Driver Retrogamer toolbar ROBLOX Player for Dora n Tony Robot Boom Toolbar Roxio Activation Module Roxio BackOnTrack Roxio Burn Roxio Creator Starter Roxio Express Labeler 3 Roxio File Backup Safari Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Skype Click to Call Skype™ 6.3 Sonic CinePlayer Decoder Pack SweetIM for Messenger 3.6 SweetPacks Toolbar for Internet Explorer 4.6 swMSM Synaptics Pointing Device Driver Unity Web Player Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update Installer for WildTangent Games App Update Manager for SweetPacks 1.0 uTorrentBar Toolbar Vuze WD Link WD SmartWare WildTangent Games App (HP Games) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources 
Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Wizard101 Yontoo 1.10.02
      .
      ==== Event Viewer Messages From Past Week ========
      .
      04/05/2013 14:52:13, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
      04/05/2013 13:44:12, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
      03/05/2013 23:26:50, Error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s).
      03/05/2013 23:26:45, Error: Service Control Manager [7030] - The Hotspot Shield Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
      03/05/2013 21:20:18, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
      01/05/2013 13:52:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
      01/05/2013 13:52:53, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
      01/05/2013 12:42:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
      .
      ==== End Of File ===========================
  15. Hi there, I have been referred to you by a friend as I think I have a virus thingy. When I go to open a browser it keeps saying run dll issue. I am not sure what to do, hope you can help, thanks
      DDS (Ver_2012-11-20.01) - NTFS_AMD64
      Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2
      Run by Dora n Tony at 15:40:51 on 2013-05-04
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.6058.2825 [GMT 1:00]
      .
      AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k GPSvcGroup
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\system32\WLANExt.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      C:\Windows\SysWOW64\svchost.exe -k Akamai
      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      C:\Program Files (x86)\MyPC Backup\BackupStack.exe
      C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
      C:\Program Files\Bonjour\mDNSResponder.exe
      C:\Windows\system32\svchost.exe -k bthsvcs
      C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Windows\system32\taskhost.exe C:\PROGRA~2\Guffins\bar\1.bin\u4barsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe C:\PROGRA~2\ROBOTB~2\bar\1.bin\60barsvc.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 
C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\rundll32.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe C:\Users\Dora n Tony\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Users\Dora n Tony\AppData\Local\Akamai\netsession_win.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe C:\Program Files (x86)\Guffins\bar\1.bin\u4brmon.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Windows\system32\RunDll32.exe C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe C:\Program Files (x86)\RobotBoom_60\bar\1.bin\60brmon.exe C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbrmon.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Intel\Intel® Management 
Engine Components\UNS\UNS.exe C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3brmon.exe C:\PROGRA~2\MYSCRA~2\bar\1.bin\12brmon.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\consent.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.co.uk/ uDefault_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=ae&l=ar&s=gen uURLSearchHooks: <No Name>: {b3b5c47e-61f7-4d81-af06-461fc86686ce} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12SrcAs.dll uURLSearchHooks: <No Name>: {52085b5a-528a-4cd1-80ec-257376be568b} - C:\Program Files (x86)\MyOwnSuperhero\bar\1.bin\v3SrcAs.dll uURLSearchHooks: <No Name>: {4cff1016-c2e2-4fdd-9c67-e32200c25ff9} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrcAs.dll uURLSearchHooks: <No Name>: {e5432fba-1139-40d2-9607-7f4294470559} - C:\Program Files (x86)\RobotBoom_60\bar\1.bin\60SrcAs.dll uURLSearchHooks: <No Name>: {c3d3840c-12ea-4461-a61d-190555fecc82} - C:\Program Files (x86)\Guffins\bar\1.bin\u4SrcAs.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll mWinlogon: Userinit = userinit.exe, BHO: Toolbar BHO: {0214754e-4e7d-4589-829d-e2523e6a3085} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll BHO: Toolbar BHO: 
{03123bb6-a811-407e-b323-66cf0be510b1} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll BHO: Shopping Assistant Plugin: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.7\PriceGongIE.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll BHO: Search Assistant BHO: {5112dcb0-d908-49da-828c-e0d48064eb78} - C:\Program Files (x86)\MyOwnSuperhero\bar\1.bin\v3SrcAs.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll BHO: Toolbar BHO: {655ac5d4-373b-4b87-b88d-ed9d0db4d5c6} - C:\Program Files (x86)\MyOwnSuperhero\bar\1.bin\v3bar.dll BHO: Search Assistant BHO: {65f159fb-5f5e-46f4-b45d-ccfa236d2073} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12SrcAs.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll BHO: Search Assistant BHO: {702bc894-bcc3-4eed-b144-68f8e6084cd4} - C:\Program Files (x86)\RobotBoom_60\bar\1.bin\60SrcAs.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Toolbar BHO: {a916eefe-6a17-4d7d-a131-2738b260bb55} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype 
Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll BHO: Toolbar BHO: {c12d1a32-d0ce-4073-8386-fe9489455898} - C:\Program Files (x86)\RobotBoom_60\bar\1.bin\60bar.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Search Assistant BHO: {d6a34acb-76fa-4a14-88ea-5d54797a2028} - C:\Program Files (x86)\Guffins\bar\1.bin\u4SrcAs.dll BHO: Search Assistant BHO: {d757dbfc-1494-4647-a8b3-abd654988dd8} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wSrcAs.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll TB: My Scrap Nook: {FE6F06FB-0FC0-4499-828F-EE48088F504F} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll TB: MyOwnSuperhero: {DF09F053-47D9-4CA2-8152-7969D4DEA940} - C:\Program Files (x86)\MyOwnSuperhero\bar\1.bin\v3bar.dll TB: Guffins: {DE2FDF7C-2637-4BA3-B427-3FCE2D331DB5} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll TB: Robot Boom: {BB3F7563-E9A4-43BC-9A7C-94A642DD1FFA} - C:\Program 
Files (x86)\RobotBoom_60\bar\1.bin\60bar.dll TB: Retrogamer: {3392CFEC-56F8-41EE-BDB4-4E301EFD2C93} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll TB: My Scrap Nook: {fe6f06fb-0fc0-4499-828f-ee48088f504f} - C:\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll TB: MyOwnSuperhero: {df09f053-47d9-4ca2-8152-7969d4dea940} - C:\Program Files (x86)\MyOwnSuperhero\bar\1.bin\v3bar.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll TB: Guffins: {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files (x86)\Guffins\bar\1.bin\u4bar.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - TB: Robot Boom: {bb3f7563-e9a4-43bc-9a7c-94a642dd1ffa} - C:\Program Files (x86)\RobotBoom_60\bar\1.bin\60bar.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\coieplg.dll TB: Retrogamer: {3392cfec-56f8-41ee-bdb4-4e301efd2c93} - C:\Program Files (x86)\Retrogamer_4w\bar\1.bin\4wbar.dll uRun: [WirelessManager] "C:\Program Files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" uRun: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN uRun: [Akamai NetSession Interface] "C:\Users\Dora n Tony\AppData\Local\Akamai\netsession_win.exe" uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe uRun: [msnmsgr] ~"C:\Program Files 
(x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe uRun: [Google Update] "C:\Users\Dora n Tony\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" mRun: [Guffins Browser Plugin Loader] C:\PROGRA~2\Guffins\bar\1.bin\u4brmon.exe mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [RobotBoom_60 Browser Plugin Loader] C:\PROGRA~2\ROBOTB~2\bar\1.bin\60brmon.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Retrogamer Search Scope Monitor] "C:\PROGRA~2\RETROG~2\bar\1.bin\4wsrchmn.exe" /m=2 /w /h mRun: [Retrogamer_4w Browser Plugin Loader] C:\PROGRA~2\RETROG~2\bar\1.bin\4wbrmon.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" StartupFolder: C:\Users\DORANT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMVU.lnk - C:\Users\Dora n Tony\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe StartupFolder: C:\Users\DORANT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MOBILE~1.LNK - C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe StartupFolder: C:\Users\DORANT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe StartupFolder: 
C:\Users\DORANT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab TCP: NameServer = 192.168.0.1 TCP: Interfaces\{E92D631D-654C-4F7C-BDDF-5F57B2E3BD2E} : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{E92D631D-654C-4F7C-BDDF-5F57B2E3BD2E}\24573796E65637373456E6475627 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{E92D631D-654C-4F7C-BDDF-5F57B2E3BD2E}\34963736F60353537353 : DHCPNameServer = 192.168.1.254 TCP: 
Interfaces\{E92D631D-654C-4F7C-BDDF-5F57B2E3BD2E}\6796277696E6D65646961683431313935353 : DHCPNameServer = 194.168.4.100 194.168.8.100 TCP: Interfaces\{E92D631D-654C-4F7C-BDDF-5F57B2E3BD2E}\758696475644F676 : DHCPNameServer = 192.168.1.254 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files 
(x86)\Intel\Bluetooth\btmshell.dll",TrayApp x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab x64-DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . 
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-8 30056] R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-4-3 55856] R0 SMR322;Symantec SMR Utility Service 3.2.2;C:\Windows\System32\drivers\SMR322.SYS [2013-5-3 96856] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-4-3 21616] R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1403010.016\symds64.sys [2013-4-16 493656] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1403010.016\symefa64.sys [2013-4-16 1139800] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-4-13 1390680] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1403010.016\ccsetx64.sys [2013-4-16 168096] R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2013-4-24 46792] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130503.001\IDSviA64.sys [2013-5-4 513184] R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2012-10-8 284008] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1403010.016\ironx64.sys [2013-4-16 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1403010.016\symnets.sys [2013-4-16 432800] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-7-2 98208] R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 27136] R2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-4-8 32808] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-1-24 901184] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files 
(x86)\Intel\Bluetooth\obexsrv.exe [2011-1-24 991296] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688] R2 GuffinsService;GuffinsService;C:\PROGRA~2\Guffins\bar\1.bin\u4barsvc.exe [2012-7-26 42504] R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-4-26 570664] R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-4-26 390440] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-5-3 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-5-3 701512] R2 MyOwnSuperheroService;MyOwnSuperheroService;C:\PROGRA~2\MYOWNS~2\bar\1.bin\v3barsvc.exe [2012-1-29 42504] R2 MyScrapNook_12Service;My Scrap NookService;C:\PROGRA~2\MYSCRA~2\bar\1.bin\12barsvc.exe [2011-10-7 42504] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccsvchst.exe [2013-4-16 144520] R2 Retrogamer_4wService;RetrogamerService;C:\PROGRA~2\RETROG~2\bar\1.bin\4wbarsvc.exe [2013-1-30 42504] R2 RobotBoom_60Service;Robot BoomService;C:\PROGRA~2\ROBOTB~2\bar\1.bin\60barsvc.exe [2012-9-30 42504] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-3 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UNS;Intel® Management and Security Application User 
Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-3 2656280] R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-3-9 288768] R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-3-9 1066896] R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-3-9 491920] R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-4-3 27760] R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208] R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-1-24 1298496] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-1-24 58128] R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-1-24 274944] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-3 175168] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-22 138912] R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-1-24 59904] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-3 317440] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-3 25928] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-4-3 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-4-3 181248] R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-4-3 29288] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys 
[2011-10-1 764264] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-4-24 42184] S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-12-26 36328] S3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-1-24 53008] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936] S3 dgderdrv;dgderdrv;C:\Windows\System32\drivers\dgderdrv.sys [2010-12-20 20552] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-22 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-4-3 158976] S3 
JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-4-3 174168] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2011-4-3 121960] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-31 25072] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-5 19456] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-12-26 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-12-26 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-12-26 177640] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544] S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2011-7-2 16392] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-5 57856] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-5 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 
2013-05-03 22:26:41 96856 ----a-w- C:\Windows\System32\drivers\SMR322.SYS 2013-05-03 22:26:23 -------- d-----w- C:\Users\Dora n Tony\AppData\Local\NPE 2013-05-03 20:31:13 -------- d-----w- C:\Users\Dora n Tony\AppData\Roaming\Malwarebytes 2013-05-03 20:31:09 -------- d-----w- C:\ProgramData\Malwarebytes 2013-05-03 20:31:08 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-05-03 20:31:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-05-03 20:24:32 -------- d-----w- C:\Users\Dora n Tony\AppData\Roaming\Foresight Software 2013-05-03 20:24:32 -------- d-----w- C:\Users\Dora n Tony\AppData\Roaming\DriverCure 2013-05-03 20:24:20 -------- d-----w- C:\ProgramData\Foresight Software 2013-05-03 20:24:20 -------- d-----w- C:\Program Files (x86)\Foresight Software 2013-04-24 19:28:08 42184 ----a-w- C:\Windows\System32\drivers\taphss6.sys 2013-04-24 19:18:34 46792 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys 2013-04-24 15:01:23 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-19 13:34:21 -------- d-----w- C:\ProgramData\Systweak 2013-04-19 13:34:20 16896 ----a-w- C:\Windows\System32\sasnative64.exe 2013-04-19 13:34:20 -------- d-----w- C:\Program Files (x86)\Advanced System Protector 2013-04-19 13:34:00 -------- d-----w- C:\Program Files (x86)\MyPC Backup 2013-04-19 13:33:52 -------- d-----w- C:\Program Files (x86)\Amazon 2013-04-19 13:32:36 -------- d-----w- C:\Users\Dora n Tony\AppData\Local\Programs 2013-04-19 13:32:32 -------- d-----w- C:\Users\Dora n Tony\AppData\Roaming\Systweak 2013-04-19 13:32:30 20312 ----a-w- C:\Windows\System32\roboot64.exe 2013-04-16 14:41:18 796248 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\srtsp64.sys 2013-04-16 14:41:18 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symds64.sys 2013-04-16 14:41:18 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symnets.sys 2013-04-16 14:41:18 36952 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\srtspx64.sys 
2013-04-16 14:41:18 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1403010.016\symelam.sys 2013-04-16 14:41:18 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\ironx64.sys 2013-04-16 14:41:18 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\ccsetx64.sys 2013-04-16 14:41:18 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1403010.016\symefa64.sys 2013-04-16 14:40:50 -------- d-----w- C:\Windows\System32\drivers\N360x64\1403010.016 2013-04-10 08:53:09 3153408 ----a-w- C:\Windows\System32\win32k.sys 2013-04-10 08:47:45 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-04-10 08:47:41 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-10 08:47:40 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-04-10 08:47:40 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-04-10 08:47:40 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-04-10 08:47:40 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-04-10 08:47:40 112640 ----a-w- C:\Windows\System32\smss.exe 2013-04-06 10:44:14 -------- d-----w- C:\ProgramData\Package Cache 2013-04-05 20:38:51 -------- d-----w- C:\Program Files (x86)\Garmin GPS Plugin 2013-04-05 20:38:49 -------- d-----w- C:\Program Files\Garmin GPS Plugin 2013-04-05 19:27:58 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-04-05 19:27:58 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2013-04-05 19:27:58 340992 ----a-w- C:\Windows\System32\schannel.dll 2013-04-05 19:27:58 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-04-05 19:27:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-04-05 19:27:58 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-04-05 19:27:58 1448448 ----a-w- C:\Windows\System32\lsasrv.dll 2013-04-05 19:27:53 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2013-04-05 19:27:53 366592 ----a-w- C:\Windows\System32\qdvd.dll . ==================== Find3M ==================== . 
2013-04-17 20:30:35 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-17 20:30:35 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-03 17:01:10 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-03 17:01:09 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-04-03 17:01:09 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:05 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-02-06 07:42:10 203544 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
2013-02-06 07:42:08 102936 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
2011-12-18 17:07:35 689552 ----a-w- C:\Program Files (x86)\j2Uninstall SoccerInferno.dll
2011-12-18 17:07:35 161728 ----a-w- C:\Program Files (x86)\j2res.dll
2011-10-07 09:42:56 669072 ----a-w- C:\Program Files (x86)\v3Uninstall MyOwnSuperhero.dll
2011-10-07 09:42:56 161744 ----a-w- C:\Program Files (x86)\v3res.dll
2011-10-02 16:10:19 161712 ----a-w- C:\Program Files (x86)\u4res.dll
.
============= FINISH: 15:41:23.76 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 02/07/2011 15:28:50
System Uptime: 04/05/2013 04:35:10 (11 hours ago)
.
Motherboard: Dell Inc. | | 0NJT03
Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU | 780/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 581 GiB total, 433.303 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&CD9ECF4&0&0CDFA417F39D_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00001132-0000-1000-8000-00805F9B34FB}_VID&0001000F_PID&0000\8&CD9ECF4&0&0CDFA417F39D_C00000000
Service:
.
==== System Restore Points ===================
.
RP156: 13/04/2013 14:01:08 - Windows Update
RP157: 13/04/2013 14:30:04 - Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
RP158: 19/04/2013 14:35:59 - RegClean Pro Fri, Apr 19, 13 14:35
RP159: 25/04/2013 08:06:49 - Windows Update
RP160: 01/05/2013 03:00:22 - Windows Update
RP161: 03/05/2013 23:26:10 - Device Driver Package Install: Anchorfree HSS VPN Adapter Network adapters
.
==== Installed Programs ======================
.
AccelerometerP11
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.6) MUI
Adobe Shockwave Player 11.6
Advanced Audio FX Engine
Advanced System Protector
AirRivals
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
µTorrent
Babylon toolbar on IE
BBC iPlayer Desktop
Bing Bar
Bonjour
Champions Online
Cisco Connect
D3DX10
DC Universe Online Live
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Driver Download Manager
Dell Edoc Viewer
Dell Getting Started Guide
Dell Mobile Broadband Manager
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Support Center
Dell VideoStage
Dell Webcam Central
DirectX 9 Runtime
Download Updater (AOL Inc.)
eBay
Elevated Installer
Escape from Paradise 2 - A Kingdoms Quest
Facebook Video Calling 1.2.0.287
FreeArc 0.666
GameTap Web Player
Garmin BaseCamp
Garmin Communicator Plugin
Garmin Communicator Plugin x64
Garmin Express
Garmin Express Tray
Garmin MapSource
Garmin Update Service
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Earth
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Guffins Toolbar
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotspot Shield 2.93
HP Deskjet 3050A J611 series Basic Device Software
HP Deskjet 3050A J611 series Help
HP Deskjet 3050A J611 series Product Improvement Study
HP Games
HP Photo Creations
HP Update
iCloud
Intel PROSet Wireless
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® PROSet/Wireless WiFi Software
Intel® Turbo Boost Technology Monitor 2.0
iTunes
Java 7 Update 17
Java Auto Updater
Java 6 Update 23 (64-bit)
JMicron Flash Media Controller Driver
JumpStart World Presents Pet Playground
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MobileMe Control Panel
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Scrap Nook
MyFreeCodec
MyOwnSuperhero
MyPC Backup
Norton 360
NVIDIA 3D Vision Driver 306.97
NVIDIA Control Panel 306.97
NVIDIA Graphics Driver 306.97
NVIDIA HD Audio Driver 1.1.13.1
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenAL
Pando Media Booster
PhotoShowExpress
Playalot Games
PriceGong 2.6.7
Quickset64
QuickTime
RBVirtualFolder64Inst
Realtek High Definition Audio Driver
Retrogamer toolbar
ROBLOX Player for Dora n Tony
Robot Boom Toolbar
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Roxio File Backup
Safari
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Skype Click to Call
Skype™ 6.3
Sonic CinePlayer Decoder Pack
SweetIM for Messenger 3.6
SweetPacks Toolbar for Internet Explorer 4.6
swMSM
Synaptics Pointing Device Driver
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Update Manager for SweetPacks 1.0
uTorrentBar Toolbar
Vuze
WD Link
WD SmartWare
WildTangent Games App (HP Games)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Wizard101
Yontoo 1.10.02
.
==== Event Viewer Messages From Past Week ========
.
04/05/2013 14:52:13, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
04/05/2013 13:44:12, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
03/05/2013 23:26:50, Error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s).
03/05/2013 23:26:45, Error: Service Control Manager [7030] - The Hotspot Shield Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
03/05/2013 21:20:18, Error: Service Control Manager [7031] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
01/05/2013 13:52:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
01/05/2013 13:52:53, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
01/05/2013 12:42:43, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
.
==== End Of File ===========================