MrsM1

  1. no, they have gone. no other issues to report thanks
  2. oh and the hijacking stopped, I downloaded comodo security, and it routed my service through their dns thingy, I think that stopped the mbr from working.. but mbrcheck says it's still there..
  3. 2010/08/12 17:48:23.0288 TDSS rootkit removing tool 2.4.1.1 Aug 10 2010 14:48:09
     2010/08/12 17:48:23.0288 ================================================================================
     2010/08/12 17:48:23.0288 SystemInfo:
     2010/08/12 17:48:23.0288
     2010/08/12 17:48:23.0288 OS Version: 6.1.7600 ServicePack: 0.0
     2010/08/12 17:48:23.0289 Product type: Workstation
     2010/08/12 17:48:23.0289 ComputerName: PRIMA-PC
     2010/08/12 17:48:23.0290 UserName: Prima
     2010/08/12 17:48:23.0290 Windows directory: C:\windows
     2010/08/12 17:48:23.0290 System windows directory: C:\windows
     2010/08/12 17:48:23.0290 Running under WOW64
     2010/08/12 17:48:23.0290 Processor architecture: Intel x64
     2010/08/12 17:48:23.0290 Number of processors: 2
     2010/08/12 17:48:23.0290 Page size: 0x1000
     2010/08/12 17:48:23.0290 Boot type: Normal boot
     2010/08/12 17:48:23.0290 ================================================================================
     2010/08/12 17:48:23.0291 Utility is running under WOW64, functionality is limited.
     2010/08/12 17:48:23.0600 Initialize success
     2010/08/12 17:48:32.0933 ================================================================================
     2010/08/12 17:48:32.0933 Scan started
     2010/08/12 17:48:32.0933 Mode: Manual;
     2010/08/12 17:48:32.0933 ================================================================================
     2010/08/12 17:48:55.0171 ================================================================================
     2010/08/12 17:48:55.0171 Scan finished
     2010/08/12 17:48:55.0171 ================================================================================
     it said no threats found, but mbrcheck says there is an mbr code there still.
  4. it says windows 2008 mbr detected. here's the log
     MBRCheck, version 1.2.3
     © 2010, AD
     Command-line:
     Windows Version: Windows 7 Home Premium Edition
     Windows Information: (build 7600), 64-bit
     Base Board Manufacturer: TOSHIBA
     BIOS Manufacturer: Insyde Corp.
     System Manufacturer: TOSHIBA
     System Product Name: Satellite L505D
     Logical Drives Mask: 0x0000000c
     Kernel Drivers (total 198):
0x026E3000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x026F6000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x0270E000 \SystemRoot\system32\drivers\HTTP.sys 0x027D6000 \SystemRoot\system32\DRIVERS\bowser.sys 0x02600000 \SystemRoot\System32\drivers\mpsdrv.sys 0x02618000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x038E4000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x03932000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x03955000 \SystemRoot\system32\drivers\peauth.sys 0x03800000 \SystemRoot\System32\Drivers\secdrv.SYS 0x0380B000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x03838000 \SystemRoot\System32\drivers\tcpipreg.sys 0x0384A000 \SystemRoot\System32\DRIVERS\srv2.sys 0x066A8000 \SystemRoot\System32\DRIVERS\srv.sys 0x06600000 \SystemRoot\System32\Drivers\NISx64\1107000.00C\SYMTDIV.SYS 0x06EF6000 \SystemRoot\System32\Drivers\NISx64\1107000.00C\SRTSP64.SYS 0x07211000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100810.049\EX64.SYS 0x073CB000 \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100810.049\ENG64.SYS 0x77C90000 \Windows\System32\ntdll.dll 0x47C60000 \Windows\System32\smss.exe 0xFFFB0000 \Windows\System32\apisetschema.dll 0xFF2E0000 \Windows\System32\autochk.exe 0xFFF00000 \Windows\System32\msvcrt.dll 0xFFE20000 \Windows\System32\oleaut32.dll 0x77B90000 \Windows\System32\user32.dll 0xFFCF0000 \Windows\System32\wininet.dll 0xFFCA0000 \Windows\System32\Wldap32.dll 0xFFB90000 \Windows\System32\msctf.dll 0x77A70000 \Windows\System32\kernel32.dll 0xFFAF0000 \Windows\System32\clbcatq.dll 0xFFAD0000 \Windows\System32\sechost.dll 0xFF8F0000 \Windows\System32\setupapi.dll 0xFF820000 \Windows\System32\usp10.dll 0xFF6F0000 \Windows\System32\rpcrt4.dll 0xFF650000 \Windows\System32\comdlg32.dll 0xFF4D0000 \Windows\System32\urlmon.dll 0xFF460000 \Windows\System32\gdi32.dll 0xFF450000 \Windows\System32\lpk.dll 0x77E60000 \Windows\System32\normaliz.dll 0xFF420000 
\Windows\System32\imm32.dll 0xFF210000 \Windows\System32\ole32.dll 0xFF190000 \Windows\System32\shlwapi.dll 0xFF180000 \Windows\System32\nsi.dll 0xFF160000 \Windows\System32\imagehlp.dll 0xFE3D0000 \Windows\System32\shell32.dll 0xFE2F0000 \Windows\System32\advapi32.dll 0x77E50000 \Windows\System32\psapi.dll 0xFE2A0000 \Windows\System32\ws2_32.dll 0xFE220000 \Windows\System32\difxapi.dll 0xFDFC0000 \Windows\System32\iertutil.dll 0xFDF80000 \Windows\System32\cfgmgr32.dll 0xFDF10000 \Windows\System32\KernelBase.dll 0xFDED0000 \Windows\System32\wintrust.dll 0xFDE30000 \Windows\System32\comctl32.dll 0xFDCC0000 \Windows\System32\crypt32.dll 0xFDCA0000 \Windows\System32\devobj.dll 0xFDC90000 \Windows\System32\msasn1.dll Processes (total 74): 0 System Idle Process 4 System 276 C:\Windows\System32\smss.exe 420 csrss.exe 472 C:\Windows\System32\wininit.exe 488 csrss.exe 548 C:\Windows\System32\winlogon.exe 584 C:\Windows\System32\services.exe 596 C:\Windows\System32\lsass.exe 608 C:\Windows\System32\lsm.exe 704 C:\Windows\System32\svchost.exe 784 C:\Windows\System32\svchost.exe 880 C:\Windows\System32\atiesrxx.exe 912 C:\Windows\System32\svchost.exe 944 C:\Windows\System32\svchost.exe 972 C:\Windows\System32\svchost.exe 696 C:\Windows\System32\svchost.exe 1144 C:\Windows\System32\svchost.exe 1264 C:\Windows\System32\spoolsv.exe 1300 C:\Windows\System32\svchost.exe 1752 C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe 1792 C:\Windows\System32\TODDSrv.exe 1820 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 1896 C:\Program Files\TOSHIBA\TECO\TecoService.exe 1936 C:\Windows\System32\SearchIndexer.exe 2240 C:\Windows\System32\svchost.exe 2656 C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe 2948 C:\Windows\System32\atieclxx.exe 3008 C:\Windows\System32\svchost.exe 1908 C:\Windows\System32\taskhost.exe 2520 C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe 1572 C:\Windows\System32\dwm.exe 2320 
C:\Windows\explorer.exe 3332 C:\Windows\System32\taskeng.exe 3372 C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe 3404 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 3436 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3524 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe 3712 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe 3732 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe 3824 C:\Program Files\TOSHIBA\TECO\Teco.exe 3920 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe 3952 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe 4024 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3080 C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe 2488 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe 2176 C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe 3228 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 2284 C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe 3632 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 3864 C:\Program Files\Windows Media Player\wmpnetwk.exe 1432 C:\Program Files (x86)\Vidalia Bundle\Tor\tor.exe 2504 C:\Windows\System32\conhost.exe 3848 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe 3976 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe 2012 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe 4280 C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe 5092 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 4656 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 1744 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe 4964 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 3196 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe 4728 C:\Program Files (x86)\Skype\Phone\Skype.exe 4660 C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe 4732 C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe 4700 C:\Windows\System32\taskhost.exe 856 C:\Program Files 
(x86)\FileASSASSIN\FileASSASSIN.exe 3200 C:\Windows\System32\audiodg.exe 4736 C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2\firefox.exe 3540 C:\Windows\System32\SearchProtocolHost.exe 780 C:\Windows\System32\SearchFilterHost.exe 3892 C:\Users\Prima\Downloads\MBRCheck.exe 1676 C:\Windows\System32\conhost.exe 4544 C:\Windows\System32\dllhost.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS) PhysicalDrive0 Model Number: WDCWD3200BEVT-26ZCT0, Rev: 12.01A12 Size Device Name MBR Status -------------------------------------------- 298 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected SHA1: BBAD517F7EAC529451E4B9586C847AE190574F61 oh and it does show up in every browser that I use.
  5. well, I thought completely restoring factory settings on my comp would get rid of it, it didn't. i backed everything up and put windows 7 back on it... didn't work. when i click on searches in yahoo it gets redirected to localpages, informationgetter.com your local neighbourhood, shopica, etc. i'm really tired of this. whatever you come up with will be appreciated. oh and i tried to put mbam on this freshly wiped comp, it does the won't update winhttp send request error 12007 again. so i'm just gonna rename the file. whatever it is it's still on there. maybe it's in the partition?
  6. and here's the OTL extras.txt
  7. they are redirected to crappy shopping list sites...ok here's one "http://www.freshdeals.com/deals.php?uvx=iOogDni088shv1nPQ-3e_Pw--f4X7x5PzFPUSxhmQT7KYzGkBecg3wQPsPH7dFv-NWYOSEZExN5W_At1cf5WMsxZAT46sLT628DcDwQPGXDkfJBDqYbRx5mcSEu_NjoddBnbWliQPM4YBA-pG4r9EQsD3AA27D0zhDTc12McIudUWHLut9yK2pBEPU4hhNnR8weLmaglIwYLKoztYGvsLty5S2mGoLV PO1JJxJPhLH1oPD7ffoqmwQ**" and another "bridge1.admarketplace.net." i have had shopica, shoppingmarkets, etc. otl text>
SRV - [2010/07/20 22:05:07 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010/07/20 21:48:44 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2010/04/19 10:25:38 | 000,430,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/08/17 13:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo) SRV - [2009/08/10 22:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService) SRV - [2009/07/14 22:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service) SRV - [2009/03/10 21:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR) DRV:64bit: - [2010/07/20 21:50:49 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA) DRV:64bit: - [2010/07/20 21:50:40 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64) DRV:64bit: - [2010/07/20 21:50:36 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64) DRV:64bit: - [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2010/04/26 17:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se) DRV:64bit: - [2009/11/05 14:15:40 | 000,291,328 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV:64bit: - [2009/08/05 22:04:06 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/07/31 00:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst) DRV:64bit: - [2009/07/30 15:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/07/24 18:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64) DRV:64bit: - [2009/07/20 20:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ) DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 06:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/07/07 11:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk) DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect) DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL) DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/05 03:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV - [2010/08/04 02:30:31 | 000,034,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\windows\SysWow64\drivers\Normandy.sys -- (Normandy) DRV - [2010/07/23 05:26:07 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV) DRV - [2010/07/23 05:26:06 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010/07/23 05:26:06 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...A&bmod=TSNA IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?br...A&bmod=TSNA IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig?brand=TSNA&bmod=TSNA IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?r0=1279861101 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet 
Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 6C 6F 74 B6 26 CB 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/ig?brand=TSNA&bmod=TSNA IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:/Users/MOjet1/AppData/Local/Google/Chrome/User%20Data/Default/Extensions/caehdcpeofiiigpdhbabniblemipncjj/SwitchyAuto.pac?1281170372375 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search" FF - prefs.js..browser.search.defaultthis.engineName: "Free TV Bar c3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2399412&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm" FF - prefs.js..browser.search.param.yahoo-type: "${8}" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/" FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.21.3 FF - prefs.js..extensions.enabledItems: firefox@ghostery.com:2.2.1 FF - prefs.js..extensions.enabledItems: tabberwocky@studio17.wordpress.com:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: optimizegoogle@optimizegoogle.com:0.78.1 FF - prefs.js..extensions.enabledItems: {3EC9C995-8072-4fc0-953E-4F30620D17F3}:2.0.0.4 FF - 
prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: craigslistpeek@tech4computer:0.042 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.9 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845 FF - prefs.js..extensions.enabledItems: https-everywhere@eff.org:0.2.2.development.3 FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=" FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/07/20 22:05:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/07/20 21:50:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/24 13:28:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/31 17:30:57 | 000,000,000 | ---D | M] [2010/04/10 04:04:18 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Extensions [2010/08/08 03:57:04 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions [2010/07/19 00:28:45 | 000,000,000 | ---D | M] (WeatherBug) -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3} [2010/07/19 00:47:31 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} [2010/07/29 03:54:52 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} 
[2010/07/19 00:43:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/07/31 16:15:47 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\craigslistpeek@tech4computer [2010/07/22 11:54:13 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\firefox@ghostery.com [2010/07/12 00:01:09 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\foxyproxy@eric.h.jung [2010/07/26 01:56:16 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\https-everywhere@eff.org [2010/07/18 19:21:56 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\optimizegoogle@optimizegoogle.com [2010/07/17 17:39:05 | 000,000,000 | ---D | M] -- C:\Users\MOjet1\AppData\Roaming\mozilla\Firefox\Profiles\4t6796v2.default\extensions\tabberwocky@studio17.wordpress.com [2010/06/08 11:30:18 | 000,000,931 | ---- | M] () -- C:\Users\MOjet1\AppData\Roaming\Mozilla\FireFox\Profiles\4t6796v2.default\searchplugins\conduit.xml [2010/07/31 16:19:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/07/18 18:00:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/04/18 23:33:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\staff@hide-my-ip.com [2010/07/18 17:59:50 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2010/07/17 15:50:52 | 000,412,182 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 14241 more lines... O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found. O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, 
s.r.o.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKCU..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe () O4 - Startup: C:\Users\MOjet1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ovulation Calendar.lnk = C:\Program Files (x86)\Ovulation Calendar\OvuCal.exe (QSX Software Group) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} 
http://trial.trymicrosoftoffice.com/trialo...osoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll () O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/05/14 21:13:32 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/08/07 23:57:52 | 000,000,000 | RH-- | M] () - D:\autorun.wbcat -- [ UDF ] O32 - AutoRun File - [2010/08/07 23:57:52 | 000,000,129 | ---- | M] () - D:\autorun.inf -- [ UDF ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/08/07 12:38:12 | 000,000,000 | ---D | C] -- C:\VundoFix Backups [2010/08/07 06:40:36 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1 [2010/08/07 06:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BBC iPlayer Desktop [2010/08/07 06:40:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010/08/07 05:51:32 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\AppData\Roaming\StreamTorrent [2010/08/07 05:51:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StreamTorrent 1.0 [2010/08/07 02:44:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! 
Companion [2010/08/07 02:36:24 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\Desktop\logs [2010/08/04 12:34:10 | 000,000,000 | -H-D | C] -- C:\$AVG [2010/08/01 02:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ovulation Calendar [2010/07/31 17:20:04 | 000,000,000 | ---D | C] -- C:\windows\Sun [2010/07/31 16:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS [2010/07/29 03:58:00 | 000,289,144 | ---- | C] (S!Ri) -- C:\windows\SysWow64\VCCLSID.exe [2010/07/29 03:58:00 | 000,288,417 | ---- | C] (S!Ri) -- C:\windows\SysWow64\SrchSTS.exe [2010/07/29 03:58:00 | 000,135,168 | ---- | C] (SteelWerX) -- C:\windows\SysWow64\swreg.exe [2010/07/29 03:58:00 | 000,087,552 | ---- | C] (S!Ri.URZ) -- C:\windows\SysWow64\VACFix.exe [2010/07/29 03:58:00 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\windows\SysWow64\IEDFix.exe [2010/07/29 03:58:00 | 000,082,944 | ---- | C] (S!Ri.URZ) -- C:\windows\SysWow64\IEDFix.C.exe [2010/07/29 03:58:00 | 000,082,432 | ---- | C] (S!Ri.URZ) -- C:\windows\SysWow64\404Fix.exe [2010/07/29 03:58:00 | 000,080,384 | ---- | C] (S!Ri.URZ) -- C:\windows\SysWow64\o4Patch.exe [2010/07/29 03:58:00 | 000,079,360 | ---- | C] (SteelWerX) -- C:\windows\SysWow64\swxcacls.exe [2010/07/29 03:58:00 | 000,078,336 | ---- | C] (S!Ri.URZ) -- C:\windows\SysWow64\Agent.OMZ.Fix.exe [2010/07/26 15:19:28 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\Documents\job stuff [2010/07/26 02:45:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell [2010/07/25 23:34:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys [2010/07/23 05:11:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware [2010/07/23 05:11:45 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\AppData\Roaming\SUPERAntiSpyware.com [2010/07/23 01:14:58 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\Desktop\Downloads [2010/07/23 01:14:53 | 000,000,000 | ---D | C] -- C:\Users\MOjet1\AppData\Roaming\GetRightToGo [2010/07/23 00:52:02 | 000,000,000 | 
  8. yes it does, i did all these steps two weeks ago, i did them again this morning, yahoo searches are still being hijacked and certain google searches are too. it helped initially when i first did it a few weeks ago, but i am still having reports from mbam that a malicious site is trying to access my comp, also certain webpages get blocked.
  9. my mbam log:

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org

     Database version: 4375
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     8/6/2010 12:59:08
     mbam-log-2010-08-06 (12-59-08).txt

     Scan type: Quick scan
     Objects scanned: 132063
     Time elapsed: 6 minute(s), 57 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     my eset scanner log:

     C:\Program Files (x86)\Mozilla Firefox\SmitfraudFix\Process.exe Win32/PrcView application cleaned by deleting - quarantined
     C:\Program Files (x86)\Mozilla Firefox\SmitfraudFix\restart.exe Win32/Shutdown.NAA application cleaned by deleting - quarantined
     C:\Users\MOjet1\Downloads\SmitfraudFix.exe multiple threats deleted - quarantined
     C:\Users\MOjet1\Downloads\SmitfraudFix\Process.exe Win32/PrcView application cleaned by deleting - quarantined
     C:\Users\MOjet1\Downloads\SmitfraudFix\restart.exe Win32/Shutdown.NAA application cleaned by deleting - quarantined
     C:\Windows\System32\Process.exe Win32/PrcView application cleaned by deleting - quarantined

     it found threats and fixed em, but yahoo searches are still being redirected, now some pages aren't opening at all even if i copy and paste the url.
  10. hi ok i will do that, I tried to post the logs instead of attaching them but it said it was too big. ok will get back to you soon. I have run eset online scanner several times, it finds nothing, but i will do so again and post the logs here. Thanks
  11. no problem at all, i really do need help. currently i have posted in two forums, yours and bleeping computer, and i was just waiting for a reply. as for mbam not updating, i had to change the name of the file to confuse whatever it is on my computer to update and now it updates. but i don't think it finds what's hiding on my computer. when i search on Google it doesn't redirect it, because of the add on that i put on mozilla, but yahoo searches still get redirected and the odd google search still gets redirected to some crap listing site. so here is what i have done thus far, ran gmer.. only three of the boxes under toolkit show up with an error message that says, cant uses window, system32, config/system file in use, then it scans with another popup of same message with same results, apparently my comp is clean. I changed my router password from its default one last saturday and now it works quickly, whereas before it was slowing down. i have run mbam several times, it always finds a tracking cookie or two or thirty, i have and do run regularly superantispyware, at first it found some stuff, but it was mostly only cookies, one trojan.. i have run rootkit, it finds nothing, i have done this in safe mode and normal mode. But i know something is there, can you help. here are (attached) my dds logs, my otl logs, my mbr logs and my mbam logs. Done! i haven't run hijack this as yet, simply because not sure what to do with it all, nor have i touched combofix.. let me know what would be the best solution. all the above tests were run with my machine defogged.. thanks for your help.. DDS_1.txt Attach_aug_2010.txt MBRCheck_08.04.10_02.43.47.txt OTL.Txt mbam_log_2010_07_18__07_59_07_.txt avgrep.txt