Jump to content

Search the Community

Showing results for tags 'Click'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 3 results

  1. Merged Post When I browse using Google chrome and click a link, my screen opens subwindow called LiveSearch. I have read that this browser is dangerous and I am hoping someone can talk me through removing it. I have completely re-installed my C-Drive twice whne this has happen before. This is the 3rd time my Google Chrome search has been hijacked by this Click Livesearchnow thing. Please help. here are the two (2) log files Attach.txt and DDS.txt that got placed onto my desktop by the DDS.com tool: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 7/26/2012 1:27:29 AM System Uptime: 1/29/2013 6:00:00 PM (1 hours ago) . Motherboard: PEGATRON CORPORATION | | Eureka3 Processor: Intel® Core™2 Quad CPU Q8400 @ 2.66GHz | CPU 1 | 2002/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 721 GiB total, 590.318 GiB free. D: is FIXED (NTFS) - 11 GiB total, 1.515 GiB free. E: is CDROM () F: is FIXED (NTFS) - 49 GiB total, 35.015 GiB free. H: is Removable I: is Removable J: is Removable K: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Plus B209a-m Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Photosmart Plus B209a-m PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: Officejet J4680 series Device ID: ROOT\IMAGE\0000 Manufacturer: HP Name: Officejet J4680 series PNP Device ID: ROOT\IMAGE\0000 Service: StillCam . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet J4680 series Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: HP Name: Officejet J4680 series PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: Photosmart Plus B209a-m Device ID: ROOT\IMAGE\0001 Manufacturer: HP Name: Photosmart Plus B209a-m PNP Device ID: ROOT\IMAGE\0001 Service: StillCam . ==== System Restore Points =================== . RP95: 1/10/2013 10:44:19 PM - Windows Update RP96: 1/15/2013 4:35:08 PM - Windows Live Essentials RP97: 1/15/2013 4:42:29 PM - Installed DirectX RP98: 1/15/2013 4:43:30 PM - Installed DirectX RP99: 1/15/2013 4:44:42 PM - Installed DirectX RP100: 1/15/2013 4:49:21 PM - WLSetup RP101: 1/19/2013 9:35:42 PM - Windows Backup RP102: 1/29/2013 3:23:36 PM - Restore Operation . ==== Installed Programs ====================== . 4660_4680_Help 64 Bit HP CIO Components Installer ActiveCheck component for HP Active Support Library Adams Personal Legal Forms and Agreements CD Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader XI (11.0.01) Adobe SendNow Desktop Adobe SendNow for Microsoft Outlook Adobe Shockwave Player 11.6 Apple Application Support Apple Mobile Device Support Apple Software Update B209a-m Bonjour bpd_scan BPDSoftware BPDSoftware_Ini BufferChm Cisco WebEx Meetings Compatibility Pack for the 2007 Office system ConvertXtoDVD 4.1.19.365 Coupon Printer for Windows CyberLink DVD Suite Deluxe D3DX10 Destinations DeviceDiscovery DirectX for Managed Code Update (Summer 2004) DocMgr DocProc DVD Menu Pack for HP MediaSmart Video FileASSASSIN Free Video Flip and Rotate version 2.1.3.903 Google Chrome Google Toolbar for Internet Explorer Google Update Helper GPBaseService2 H&R Block Business 2012 (Remove Only) H&R Block Premium + Efile + State 2012 Hardware Diagnostic Tools HP Advisor HP Customer Experience Enhancements HP Customer Participation Program 13.0 HP Document Manager 2.0 HP Games HP Imaging Device Functions 13.0 HP MediaSmart Demo HP MediaSmart DVD HP MediaSmart Music/Photo/Video HP MediaSmart SmartMenu HP MediaSmart/TouchSmart Netflix HP Odometer HP OfficeJet J4600 All-In-One Series HP Photo Creations HP Photosmart Essential 3.5 HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6 HP Print Projects 1.0 HP Product Detection HP Remote Solution HP Setup HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Support Assistant HP Support Information HP Update HPAsset component for HP Active Support Library HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential hpPrintProjects HPProductAssistant HPSSupply hpWLPGInstaller Hulu Desktop iCloud Intel® Graphics Media Accelerator Driver iTunes J4680 Java™ 7 Update 5 (64-bit) Junk Mail filter update LabelPrint LightScribe System Software Malwarebytes Anti-Malware version 1.70.0.1100 MarketResearch Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Live Search Toolbar Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office Home and Student 60 day trial Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works Movie Maker Movie Theme Pack for HP MediaSmart Video MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Network64 Norton 360 Premier Edition Norton One Norton Online Backup OCR Software by I.R.I.S. 13.0 Offline Course Player PANTECH Handset USB Driver V2 Pantech PCSuite PC Connectivity Solution Photo Common Photo Gallery PictureMover PlayReady PC Runtime amd64 Power2Go PowerDirector ProductContext PS_AIO_06_B209a-m_SW_Min QuickTime Realtek High Definition Audio Driver Recovery Manager SAMSUNG Mobile Composite Device Software SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung New PC Studio SamsungConnectivityCableDriver Scan Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Shop for HP Supplies Skype™ 6.1 SkypeTalking 0.9.6 SmartWebPrinting SolutionCenter Status swMSM The Print Shop Business - Business Cards Premier 3.0.0.0 Toolbox TrayApp Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update Installer for WildTangent Games App Visual Studio Tools for the Office system 3.0 Runtime WebReg WildTangent Games App Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Updater Component Yahoo! Toolbar Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== Event Viewer Messages From Past Week ======== . 1/29/2013 9:30:24 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer LAPTOP_LINDA that believes that it is the master browser for the domain on transport NetBT_Tcpip_{ACB6631D-EE2B-49BA-902C-02102B94CF27}. The master browser is stopping or an election is being forced. 1/29/2013 4:26:46 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 1/29/2013 4:11:50 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 1/29/2013 3:47:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 1/29/2013 3:33:52 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 1/29/2013 3:33:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 1/29/2013 3:33:22 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied.. 1/29/2013 2:46:57 PM, Error: Service Control Manager [7022] - The OracleServiceORCL service hung on starting. 1/29/2013 2:33:04 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s). 1/29/2013 2:33:04 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s). 1/28/2013 9:27:55 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5. 1/25/2013 8:12:59 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 1/24/2013 1:41:37 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {B77C4C36-0154-4C52-AB49-FAA03837E47F} and APPID {EA022610-0748-4C24-B229-6C507EBDFDBB} to the user HP-Network-HUB\Whittington SID (S-1-5-21-3281186221-1807480009-210684987-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 Run by Whittington at 19:54:06 on 2013-01-29 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8157.5870 [GMT -5:00] . AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\dldtcoms.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Windows\System32\igfxtray.exe C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccSvcHst.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccSvcHst.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe F:\MicroSoft E-Learning\OlpSynch.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\nmesrvc.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\perl\bin\perl.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\emagent.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\omtsreco.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE C:\Windows\system32\wbem\wmiprvse.exe f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe F:\app\Whittington11g\product\11.2.0\dbhome_1\jdk\bin\java.exe C:\Windows\system32\wbem\WmiApSrv.exe C:\Windows\splwow64.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll mWinlogon: Userinit = userinit.exe, BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ips\ipsbho.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\coieplg.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [Google Update] "C:\Users\Whittington\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe uRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe mRun: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [NPSStartup] <no file> dRun: [Norton Download Manager{NONE31024-ESD-FSD31014}] C:\Program Files (x86)\Norton Management\Engine\3.1.0.24\ccSvcHst.exe /m dRun: [Norton Download Manager{N360P201102-SHPD-FSD31014}] C:\Program Files (x86)\Norton One\Engine\3.1.0.24\ccSvcHst.exe /m StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab DPF: {15589FA1-C456-11CE-BF01-00AA0055595A} - hxxp://w4s.work4sure.com/c/ge/w4sgeen9.exe DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP7-15458/webex/ieatgpc1.cab TCP: NameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{ACB6631D-EE2B-49BA-902C-02102B94CF27} : DHCPNameServer = 192.168.1.1 192.168.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background x64-Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys [2013-1-18 493216] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys [2013-1-18 1133216] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\BASHDefs\20130116.013_724\BHDrvx64.sys [2013-1-16 1388120] R1 ccSet_MCLIENT;Norton One Settings Manager;C:\Windows\System32\drivers\MCLIENTx64\0302000.013\ccsetx64.sys [2012-10-23 168096] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys [2013-1-18 168096] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.1.2\Definitions\IPSDefs\20130126.002_75f\IDSviA64.sys [2013-1-26 513184] R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys [2013-1-18 224416] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys [2013-1-18 432800] R2 dldt_device;dldt_device;C:\Windows\System32\dldtcoms.exe -service --> C:\Windows\System32\dldtcoms.exe -service [?] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-10 398184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-10 682344] R2 MCLIENT;Norton One;C:\Program Files (x86)\Norton One\Engine\3.2.0.19\ccsvchst.exe [2012-10-23 143928] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.2.1.22\ccsvchst.exe [2013-1-18 143928] R2 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll" --> F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:F:\app\Whittington11g\product\11.2.0\dbhome_1\bin\oraclr11.dll [?] R2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR --> F:\app\Whittington11g\product\11.2.0\dbhome_1\BIN\TNSLSNR [?] R2 OracleServiceORCL;OracleServiceORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL [?] R2 OracleVssWriterORCL;Oracle ORCL VSS Writer Service;f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL [?] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-8 138912] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-8-10 24176] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-12-4 239616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-1-15 57856] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-4 56344] S3 PTQHBUS;PANTECH Handset HSUSB Composite Device(MSM6290);C:\Windows\System32\drivers\PTQHBUS.sys [2012-9-27 69264] S3 PTQHMDM;PANTECH HSUSB Modem(MSM6290);C:\Windows\System32\drivers\PTQHMDM.sys [2012-9-27 177040] S3 PTQHVSP;PANTECH HSUSB Diagnostic Serial Port(MSM6290);C:\Windows\System32\drivers\PTQHVSP.sys [2012-9-27 177040] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-26 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL --> f:\app\whittington11g\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL [?] . =============== File Associations =============== . FileExt: .vbe: VBEFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2] FileExt: .vbs: VBSFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2] FileExt: .js: JSFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2] FileExt: .jse: JSEFile=C:\Windows\System32\CScript.exe "%1" %* [default=Open2] FileExt: .wsf: WSFFile="C:\Windows\System32\CScript.exe" "%1" %* [default=Open2] . =============== Created Last 30 ================ . 2013-01-19 16:04:47 -------- d-sh--w- C:\Users\Whittington\AppData\Roaming\.# 2013-01-19 16:04:43 -------- d-----w- C:\Users\Whittington\AppData\Roaming\McGraw-HillLicensing 2013-01-18 22:49:01 776864 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\srtsp64.sys 2013-01-18 22:49:01 493216 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symds64.sys 2013-01-18 22:49:01 432800 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symnets.sys 2013-01-18 22:49:01 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1402010.016\srtspx64.sys 2013-01-18 22:49:01 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1402010.016\symelam.sys 2013-01-18 22:49:01 224416 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\ironx64.sys 2013-01-18 22:49:01 168096 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\ccsetx64.sys 2013-01-18 22:49:01 1133216 ----a-w- C:\Windows\System32\drivers\N360x64\1402010.016\symefa64.sys 2013-01-18 22:48:53 -------- d-----w- C:\Windows\System32\drivers\N360x64\1402010.016 2013-01-18 19:43:13 -------- d-----w- C:\Users\Whittington\AppData\Roaming\SkypeTalking 2013-01-18 19:42:28 -------- d-----w- C:\Program Files (x86)\SkypeTalking 2013-01-15 23:51:38 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-01-15 21:55:11 -------- d-----w- C:\Windows\en 2013-01-15 21:50:31 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2013-01-15 21:46:23 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll 2013-01-15 21:46:23 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll 2013-01-15 21:46:23 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll 2013-01-15 21:46:23 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll 2013-01-15 21:46:21 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll 2013-01-15 21:46:21 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll 2013-01-15 21:46:19 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll 2013-01-15 21:46:19 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll 2013-01-15 21:44:28 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll 2013-01-15 21:44:28 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll 2013-01-15 21:41:19 5659096 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\55f186441cdf36805\skydrivesetup.exe 2013-01-15 21:41:19 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive 2013-01-15 21:41:18 -------- d-----r- C:\Users\Whittington\SkyDrive 2013-01-15 21:40:51 -------- d-----w- C:\ProgramData\Microsoft SkyDrive 2013-01-15 21:36:09 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DSETUP.dll 2013-01-15 21:36:09 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\DXSETUP.exe 2013-01-15 21:36:09 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4d9fa3561cdf36804\dsetup32.dll 2013-01-15 21:35:51 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DXSETUP.exe 2013-01-15 21:35:51 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\dsetup32.dll 2013-01-15 21:35:50 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\40f7d3481cdf36802\DSETUP.dll 2013-01-15 21:35:25 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DSETUP.dll 2013-01-15 21:35:25 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\DXSETUP.exe 2013-01-15 21:35:25 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3784827e1cdf36801\dsetup32.dll 2013-01-15 16:03:44 -------- d-----r- C:\Program Files (x86)\Skype 2013-01-15 10:47:39 -------- d-----w- C:\Users\Whittington\AppData\Local\{E17A161B-E620-4A28-991C-194FF495AFD7} 2013-01-14 19:09:47 -------- d-----w- C:\Users\Whittington\AppData\Local\{C107FBAE-49AE-4829-93A4-9E8736C1220A} 2013-01-14 07:09:18 -------- d-----w- C:\Users\Whittington\AppData\Local\{FBF71926-3EB4-4FDF-A298-7B57D254BC6F} 2013-01-13 13:46:18 -------- d-----w- C:\Users\Whittington\AppData\Local\{7442A473-60AF-40BB-AB92-A3EDE461DAD3} 2013-01-12 08:02:37 -------- d-----w- C:\Users\Whittington\AppData\Local\{DEB4C600-6068-4BD5-B467-8013F3388798} 2013-01-11 15:52:39 -------- d-----w- C:\Users\Whittington\AppData\Local\{B7A75C95-74CA-4DDB-A28E-20A88CF5DDE1} 2013-01-11 03:41:31 46592 ----a-w- C:\Windows\SysWow64\fpb.rs 2013-01-11 03:40:57 2002432 ----a-w- C:\Windows\System32\msxml6.dll 2013-01-11 03:40:57 1882624 ----a-w- C:\Windows\System32\msxml3.dll 2013-01-11 03:40:56 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2013-01-11 03:40:56 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2013-01-11 03:40:52 800768 ----a-w- C:\Windows\System32\usp10.dll 2013-01-11 03:40:51 626688 ----a-w- C:\Windows\SysWow64\usp10.dll 2013-01-11 03:40:47 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2013-01-11 03:40:47 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2013-01-11 03:37:50 68608 ----a-w- C:\Windows\System32\taskhost.exe 2013-01-11 03:34:57 3149824 ----a-w- C:\Windows\System32\win32k.sys 2013-01-10 17:27:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{4F9FE85C-60A4-4F4D-8EB2-4BC1AD8E60EC} 2013-01-10 05:09:03 -------- d-----w- C:\Users\Whittington\AppData\Local\{6BA502F8-8CF4-4FFA-9484-7A218FDA6EDB} 2013-01-09 16:23:43 15739912 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-01-09 15:57:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{7AEAD598-2D17-46EE-B5CE-8EC606BD534F} 2013-01-09 02:01:17 -------- d-----w- C:\Users\Whittington\AppData\Local\{C219E5D5-45A6-4FCF-B2A0-B3B233200CEA} 2013-01-08 14:00:44 -------- d-----w- C:\Users\Whittington\AppData\Local\{D19E04B0-C2DF-40EC-9DF0-44AA9112C633} 2013-01-07 14:47:59 -------- d-----w- C:\Users\Whittington\AppData\Local\{CA7BDACA-6141-4B09-B968-7F8A3007763D} 2013-01-07 04:27:58 -------- dc----w- C:\Users\Whittington\AppData\Local\MigWiz 2013-01-07 02:47:35 -------- d-----w- C:\Users\Whittington\AppData\Local\{281C3FAA-79DE-45B4-B249-60BF62073259} 2013-01-06 10:14:22 -------- d-----w- C:\Program Files (x86)\FileASSASSIN 2013-01-06 05:03:47 -------- d-----w- C:\ProgramData\The Print Shop Business 2013-01-06 05:03:46 -------- d-----w- C:\Program Files (x86)\The Print Shop Business 2013-01-06 04:40:28 86016 ----a-w- C:\Windows\unvise32.exe 2013-01-06 04:40:20 -------- d-----w- C:\Personal Legal Forms 2013-01-06 03:51:29 -------- d-----w- C:\Users\Whittington\AppData\Local\{BCFC9CF7-B18A-4373-9431-393148A7822C} 2013-01-06 02:43:39 -------- d-----w- C:\Users\Whittington\AppData\Roaming\TaxCut 2013-01-06 01:33:45 -------- d-----w- C:\Users\Whittington\AppData\Roaming\MozillaControl 2013-01-06 01:22:49 -------- d-----w- C:\ProgramData\Wolters Kluwer 2013-01-06 01:21:41 -------- d-----w- C:\Program Files (x86)\H&R Block Business 2012 2013-01-06 01:13:08 -------- d-----w- C:\Program Files (x86)\PDF995 2013-01-06 01:13:08 -------- d-----w- C:\Program Files (x86)\HRBlock2012 2013-01-06 00:11:20 -------- d-----w- C:\ProgramData\TaxCut 2013-01-06 00:11:02 -------- d-----w- C:\Program Files\HRBlock2012 2013-01-05 23:05:49 -------- d-----w- C:\Users\Whittington\AppData\Roaming\com.adobe.sendnow.SendNowDesktop 2013-01-05 13:48:34 -------- d-----w- C:\Users\Whittington\AppData\Local\{88B2A6DA-6E10-4676-8628-034C63A67447} 2013-01-04 18:05:48 -------- d-----w- C:\Users\Whittington\AppData\Local\{2ECBE62B-1DD7-4795-B02D-E09364A4F0C3} 2013-01-04 17:26:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{8B723675-523E-4667-AEC4-A70B3295FF02} 2013-01-04 14:59:06 -------- d-----w- C:\Users\Whittington\AppData\Local\{8B0F259B-26E1-4117-9908-383C47D3B597} 2013-01-04 12:30:15 -------- d-----w- C:\Users\Whittington\AppData\Local\{E6EEC3A7-053C-48F3-A11F-3E51CEA9A8F0} 2013-01-03 13:31:42 -------- d-----w- C:\Users\Whittington\AppData\Local\{157B6CDB-8309-43A1-944C-755B3F4AB116} 2013-01-03 02:07:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{1C171311-EB47-462F-B45B-E9D991957BCC} 2013-01-02 08:48:48 -------- d-----w- C:\Users\Whittington\AppData\Local\{92DFCAA8-3830-4DA0-99AE-38ABC7EE78B5} 2013-01-01 12:06:51 -------- d-----w- C:\Users\Whittington\AppData\Local\{3BBC5436-12B8-4157-BF96-1DDAE3335F26} 2012-12-31 12:59:41 -------- d-----w- C:\Users\Whittington\AppData\Local\{AB8314DF-E215-4CB8-A3B6-ACA52F108934} . ==================== Find3M ==================== . 2013-01-09 16:53:49 74248 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-09 16:53:49 697864 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll 2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll 2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll 2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll 2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll 2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll 2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll 2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll 2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs 2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs 2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs 2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs 2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs 2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs 2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs 2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs 2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs 2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs 2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs 2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs 2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs 2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs 2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll 2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll 2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll 2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll 2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe 2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe 2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll 2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll 2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll 2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll . ============= FINISH: 19:55:06.08 =============== I forgot to include the log file from my MBAM scan: 2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 01:31:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 01:31:06 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 07:08:56 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 07:09:03 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 07:27:49 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh 2013/01/29 07:27:49 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 07:27:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 07:27:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully 2013/01/29 07:27:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 07:27:56 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 08:54:11 -0500 HP-NETWORK-HUB Whittington IP-BLOCK 66.152.78.239 (Type: outgoing, Port: 51752, Process: chrome.exe) 2013/01/29 12:51:39 -0500 HP-NETWORK-HUB Whittington MESSAGE Executing scheduled update: Daily 2013/01/29 12:51:47 -0500 HP-NETWORK-HUB Whittington MESSAGE Scheduled update executed successfully: database updated from version v2013.01.29.04 to version v2013.01.29.08 2013/01/29 12:51:47 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh 2013/01/29 12:51:48 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 12:51:48 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 12:51:51 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully 2013/01/29 12:51:51 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 12:51:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 14:16:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 14:16:39 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 14:31:30 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection 2013/01/29 14:31:30 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully 2013/01/29 14:31:33 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 14:31:33 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 14:38:16 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 14:38:17 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 14:38:17 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 14:38:22 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 15:30:01 -0500 HP-NETWORK-HUB Whittington MESSAGE Executing scheduled update: Daily 2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington ERROR Scheduled update failed: Host not found failed with error code 0 2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington ERROR Integrity verification failed failed with error code 2 2013/01/29 15:30:03 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped 2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 15:33:53 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh 2013/01/29 15:33:57 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 15:33:58 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 15:34:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully 2013/01/29 15:34:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 15:34:05 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 16:10:58 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 16:11:04 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection 2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully 2013/01/29 19:53:09 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 19:53:10 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 19:56:40 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 19:56:40 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 19:56:41 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 19:56:45 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 19:56:45 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 19:56:46 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 19:56:46 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 19:56:50 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 19:56:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping protection 2013/01/29 19:57:00 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection stopped successfully 2013/01/29 19:57:02 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 19:57:06 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting protection 2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Protection started successfully 2013/01/29 20:52:12 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 20:52:18 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully 2013/01/29 21:53:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting database refresh 2013/01/29 21:53:52 -0500 HP-NETWORK-HUB Whittington MESSAGE Stopping IP protection 2013/01/29 21:53:53 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection stopped successfully 2013/01/29 21:53:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Database refreshed successfully 2013/01/29 21:53:55 -0500 HP-NETWORK-HUB Whittington MESSAGE Starting IP protection 2013/01/29 21:53:59 -0500 HP-NETWORK-HUB Whittington MESSAGE IP Protection started successfully attach.txt dds.txt protection-log-2013-01-29.txt
  2. I have removed this infection twice I think with combofix, but I must be wrong because it keeps reappearing. It does nothing to my desktop, and Spybot notifies me each time I start the computer up that it's trying to delete my CMD, taskMGR, drivers, and a few other components. I simply click deny and remember that decision. It is a redirect infection. I have conquered it and been without redirection for the rest of the day, but every time I restart the computer it seems to reinfect my machine. I have scanned multiple times with TDSSkiller, Malewarebytes, and Rougekiller, as well as Combofix only to come up empty handed. There is some pretty important data (pictures etc..) and I don't want to factory reset or have the computer enter a state of nonoperational meltdown during my attempted fixings so I am asking for help. ---------------------------------------------------------------Here is my Hijackthis log and hope someone will be available on the forums to assist me. Thank you.--------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:14:06 AM, on 1/12/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Users\computer\AppData\Local\Akamai\netsession_win.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\computer\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;*.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\computer\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ADA2A0E7261CB6A8553FA5425D18AE06C32E1021._service_run] "C:\Users\computer\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file) O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file) O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10201 bytes</local> I will be back around 11 to continue this forum* Thank you for the help and patience.
  3. Hello, Have a decent google/redirect virus. Installed and ran MB scan. Found one trojan...seemed to run a little better, than less than a day later I've got redirect again. Followed steps outlined in sticky. Here are the two dds/attach logs. Thanks in advance. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_30 Run by jimmywings at 1:39:26 on 2012-07-16 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1909.775 [GMT -7:00] . AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Dell\DellDock\DockLogin.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Windows\System32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\AVG\AVG10\avgui.exe C:\Windows\System32\svchost.exe -k swprv C:\Program Files (x86)\AVG\AVG10\avgcfgex.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = g.msn.com/USCON/1 uDefault_Page_URL = g.msn.com/USCON/1 uInternet Settings,ProxyOverride = *.local uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe uRun: [skype] Rundll32.exe C:\Users\jimmywings\AppData\Local\Skype\eukbbsxr.dll,CreateCTXMLAttribute mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{C092949A-15F9-4293-9B88-06C497C7C3EB} : DhcpNameServer = 75.75.75.75 75.75.76.76 Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL BHO-X64: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll BHO-X64: uTorrentControl2 - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\jimmywings\AppData\Roaming\Mozilla\Firefox\Profiles\u04i1iyp.default\ FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-11-16 98208] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520] R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-16 2320920] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-31 25072] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072] S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McSvHost.exe [?] S2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [?] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-7-15 113120] S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2011-12-22 24176] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-07-15 05:56:17 -------- d-----w- C:\Users\jimmywings\AppData\Roaming\Malwarebytes 2012-07-15 05:56:01 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-15 05:56:01 -------- d-----w- C:\ProgramData\Malwarebytes 2012-07-15 05:56:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-07-11 10:07:03 3147264 ----a-w- C:\Windows\System32\win32k.sys 2012-07-10 23:26:14 -------- d-----w- C:\Users\jimmywings\AppData\Local\ElevatedDiagnostics 2012-07-06 18:03:19 -------- d-----w- C:\Users\jimmywings\AppData\Local\Skype 2012-06-21 15:51:19 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 15:51:01 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 15:50:46 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 15:50:46 186752 ----a-w- C:\Windows\System32\wuwebv.dll . ==================== Find3M ==================== . 2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-23 16:14:20 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-23 16:14:20 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-15 03:56:59 1197568 ----a-w- C:\Windows\System32\wininet.dll 2012-05-15 03:08:48 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-04 16:52:23 5473136 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:46 3970928 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:46 3915632 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-02 05:32:43 208896 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:50:40 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:34:38 76288 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:34:37 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:28:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-24 05:59:45 182272 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:59:45 1460224 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 05:59:45 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 04:47:04 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:47:04 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-24 04:47:03 1156608 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-20 06:22:18 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2012-04-20 05:05:47 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2012-04-20 05:00:31 482816 ----a-w- C:\Windows\System32\html.iec 2012-04-20 04:15:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-04-20 03:58:07 386048 ----a-w- C:\Windows\SysWow64\html.iec 2012-04-20 03:24:18 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-01-18 08:53:32 2994688 ----a-w- C:\Program Files\openofficeorg33.msi 2011-01-18 08:52:10 475016 ----a-w- C:\Program Files\setup.exe . ============= FINISH: 1:39:44.97 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 12/25/2010 8:43:13 PM System Uptime: 7/15/2012 2:16:51 PM (11 hours ago) . Motherboard: Dell Inc. | | 08VFX1 Processor: Intel® Pentium® CPU P6100 @ 2.00GHz | U2E1 | 1999/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 218 GiB total, 160.677 GiB free. D: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Description: USB Video Device Device ID: USB\VID_0C45&PID_6480&MI_00\7&48F2EAB&0&0000 Manufacturer: Microsoft Name: Integrated Webcam PNP Device ID: USB\VID_0C45&PID_6480&MI_00\7&48F2EAB&0&0000 Service: usbvideo . ==== System Restore Points =================== . RP115: 6/14/2012 3:01:01 AM - Windows Update RP116: 6/21/2012 8:50:20 AM - Windows Update RP117: 6/30/2012 12:16:05 AM - Scheduled Checkpoint RP118: 7/7/2012 11:39:22 AM - Scheduled Checkpoint RP119: 7/11/2012 3:01:06 AM - Windows Update RP120: 7/15/2012 12:42:26 AM - Removed League of Legends . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) µTorrent Adobe Flash Player 10 ActiveX Adobe Reader 9.1.2 Adobe Shockwave Player 11.6 Advanced Audio FX Engine Apple Application Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Bing Bar Cozi Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Dock Dell Getting Started Guide Dell Home Systems Service Agreement Dell Webcam Central GARMIN 400 Series Trainer GoToAssist 8.0.0.514 Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Internet Explorer Java Auto Updater Java 6 Update 22 Java 6 Update 30 Junk Mail filter update League of Legends Live! Cam Avatar Creator Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft PowerPoint Viewer Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT OpenOffice.org 3.3 Pando Media Booster QuickTime Realtek High Definition Audio Driver Respondus LockDown Browser Roxio Burn Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skype Toolbars Skype™ 4.2 swMSM Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) uTorrentControl2 Toolbar Visual Studio 2008 x64 Redistributables VLC media player 1.1.9 vShare Plugin WildTangent Games Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer . ==== Event Viewer Messages From Past Week ======== . 7/15/2012 12:20:37 AM, Error: Service Control Manager [7000] - The McAfee VirusScan Announcer service failed to start due to the following error: The system cannot find the file specified. 7/15/2012 12:18:25 AM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MfeFire. This service might not be installed. 7/11/2012 12:48:59 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer MASTER-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C092949A-15F9-4293-9B88-06C497C7C3EB}. The master browser is stopping or an election is being forced. 7/11/2012 11:15:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 7/10/2012 8:12:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 7/10/2012 11:36:35 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.