jamesost Posted July 25, 2012 ID:576386 Share Posted July 25, 2012 So my wife was on my computer the other day and when I got home from work it had one of those dumb fake internet security alert messages popping up that was hijacking all urls and wouldnt let programs open due to it being a "Security risk".I followed a malwarebytes tutorial that had me launch safemode and run iexplore, malwarebytes full scan (I own the pro version), and then hitmanpro in regular startup mode. All the fake messages went away, but I would like to make sure my computer is clean and free of anything.If one of you kind fellas wouldnt mind taking a look and please letting me know I would much appreciate it. Logs are attached. Thank you.attach.txtDDS.txt Link to post Share on other sites More sharing options...
Staff screen317 Posted July 25, 2012 Staff ID:576400 Share Posted July 25, 2012 Hi and welcome to Malwarebytes. In the future, please post all logs directly into your reply instead of attaching them unless otherwise indicated. With that said, please update MBAM, run a Quick Scan, and post its log. Next, run DDS again and post DDS.txt directly in your reply. Link to post Share on other sites More sharing options...
jamesost Posted July 25, 2012 Author ID:576501 Share Posted July 25, 2012 Malwarebytes Anti-Malware (PRO) 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.07.25.07Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421James :: JAMES-PC [administrator]Protection: Enabled7/25/2012 12:04:39 PMmbam-log-2012-07-25 (12-04-39).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 206053Time elapsed: 13 minute(s), 34 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
jamesost Posted July 25, 2012 Author ID:576514 Share Posted July 25, 2012 .DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30Run by James at 13:24:11 on 2012-07-25Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.4617 [GMT -5:00].AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files\Dell\DellDock\DockLogin.exeC:\Program Files\NVIDIA Corporation\Display\NvXDSync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Windows\SysWOW64\svchost.exe -k AkamaiC:\Apache\bin\httpd.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CrashPlan\CrashPlanService.exeC:\Windows\System32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Motive\McciCMService.exeC:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exeC:\Program Files (x86)\Mil Incorporated\Mil Shield\ShieldService.exeC:\Apache\bin\httpd.exeC:\Users\James\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Users\James\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exeC:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files (x86)\CMS Peripherals\BounceBack Express\BBLauncher.exeC:\Program Files\CrashPlan\CrashPlanTray.exec:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeC:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exeC:\Program Files\Dell\DellDock\DellDock.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exeC:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exeC:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exeC:\MYSQL\bin\mysqld.exeC:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exec:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeC:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXEC:\Windows\system32\conhost.exeC:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exec:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdhost.exeC:\Windows\system32\WUDFHost.exeC:\Windows\system32\conhost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Program Files\McAfee\VirusScan\mcods.exec:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exeC:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXEC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exeC:\Windows\system32\conhost.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exeC:\Windows\system32\conhost.exeC:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://google.com/uInternet Settings,ProxyOverride = <local>;*.localBHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dllBHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622015142.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllBHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLBHO: Somoto Toolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: Somoto Toolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllTB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllTB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileTB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileTB: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No FileEB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dlluRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quietuRun: [Google Update] "C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorunuRun: [Akamai NetSession Interface] "C:\Users\James\AppData\Local\Akamai\netsession_win.exe"uRun: [MilShieldSlave] "C:\Program Files (x86)\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logonuRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeuRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exemRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /rmRun: [sPIRunE] Rundll32 SPIRunE.dll,RunDLLEntrymRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /mmRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exemRun: [bounceBack Setup] "C:\Program Files (x86)\CMS Peripherals\BounceBack Express\AppLaunch.exe" /LaunchitmRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun: [RegistryQuick.exe] C:\Program Files (x86)\RegQuick\RegistryQuick.exemRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exemRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"mRun: [<NO NAME>]mRun: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXEStartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exeStartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VDOWNL~1.LNK - C:\Program Files (x86)\VDownloader\VDownloader.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~2.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOUNCE~1.LNK - C:\Program Files (x86)\CMS Peripherals\BounceBack Express\BBLauncher.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Apache\bin\ApacheMonitor.exeuPolicies-explorer: HideSCAHealth = 1 (0x1)mPolicies-explorer: NoActiveDesktop = 1 (0x1)mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLLLSP: mswsock.dllTrusted Zone: mesquiteisd.orgTrusted Zone: mesquiteisd.org\elearn2Trusted Zone: mesquiteisd.org\wwwTrusted Zone: twixt.us\beDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cabTCP: DhcpNameServer = 192.168.1.254TCP: Interfaces\{68CF1513-A706-4EF5-A048-F4BDFF7B2011} : DhcpNameServer = 192.168.1.254Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllBHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dllBHO-X64: McAfee Phishing Filter - No FileBHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO-X64: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dllBHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622015142.dllBHO-X64: scriptproxy - No FileBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllBHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLBHO-X64: URLRedirectionBHO - No FileBHO-X64: Somoto Toolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dllBHO-X64: Somoto Toolbar - No FileBHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB-X64: Somoto Toolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dllTB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllTB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllTB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileTB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileTB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No FileEB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No FilemRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exemRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /rmRun-x64: [sPIRunE] Rundll32 SPIRunE.dll,RunDLLEntrymRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /mmRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exemRun-x64: [bounceBack Setup] "C:\Program Files (x86)\CMS Peripherals\BounceBack Express\AppLaunch.exe" /LaunchitmRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun-x64: [RegistryQuick.exe] C:\Program Files (x86)\RegQuick\RegistryQuick.exemRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun-x64: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exemRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"mRun-x64: [(Default)]mRun-x64: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE.================= FIREFOX ===================.FF - ProfilePath - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\72zwrn9e.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - hxxp://www.google.comFF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z045&form=ZGAADF&q=FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dllFF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLLFF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dllFF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Program Files (x86)\Opera\program\plugins\np_gp.dllFF - plugin: C:\Program Files (x86)\Opera\program\plugins\npMozCouponPrinter.dllFF - plugin: C:\Program Files (x86)\VDownloader\Addons\npVDownloader.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\James\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dllFF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.comFF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}FF - Ext: Firefox Accessibility Extension: accessext@cita.uiuc.edu - %profile%\extensions\accessext@cita.uiuc.eduFF - Ext: Fangs: {21D01944-2878-4eb3-A72A-83E8D1E6D4A6} - %profile%\extensions\{21D01944-2878-4eb3-A72A-83E8D1E6D4A6}FF - Ext: Juicy Studio Colour Contrast Analyser: {34c51bf3-5fb2-4799-8cca-d5b8567cf7ef} - %profile%\extensions\{34c51bf3-5fb2-4799-8cca-d5b8567cf7ef}FF - Ext: YSlow: yslow@yahoo-inc.com - %profile%\extensions\yslow@yahoo-inc.comFF - Ext: Firecookie: firecookie@janodvarko.cz - %profile%\extensions\firecookie@janodvarko.czFF - Ext: FirePHP: FirePHPExtension-Build@firephp.org - %profile%\extensions\FirePHPExtension-Build@firephp.orgFF - Ext: Pixel Perfect: pixelperfectplugin@openhouseconcepts.com - %profile%\extensions\pixelperfectplugin@openhouseconcepts.comFF - Ext: FireRainbow: firerainbow@hildebrand.cz - %profile%\extensions\firerainbow@hildebrand.czFF - Ext: CodeBurner for Firebug: firebug@tools.sitepoint.com - %profile%\extensions\firebug@tools.sitepoint.comFF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.comFF - Ext: SomotoToolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - %profile%\extensions\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}FF - Ext: Cache Status: cache@status.org - %profile%\extensions\cache@status.orgFF - Ext: VDownloader: support@vdownloader.com - C:\Program Files (x86)\VDownloader\Addons\FireFox.============= SERVICES / DRIVERS ===============.R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]R2 Apache2.2;Apache2.2;C:\Apache\bin\httpd.exe [2010-7-30 24645]R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2012-3-26 222720]R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]R2 Freedom Scientific Kernel Manager {D2B4C7A7-7605-4039-89E4-DE5CC69BBE9D};Freedom Scientific Kernel Manager;\??\C:\Windows\system32\fsKMgr.dll --> C:\Windows\system32\fsKMgr.dll [?]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-13 655944]R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-3-25 517632]R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-9-1 199272]R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-9-1 210584]R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-9-1 162192]R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2009-3-30 2075480]R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]R3 fsvidmir;fsvidmir;C:\Windows\system32\DRIVERS\fsvidmir.sys --> C:\Windows\system32\DRIVERS\fsvidmir.sys [?]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-7-10 34840]R3 t3;Sound Blaster X-Fi Xtreme Audio;C:\Windows\system32\drivers\t3.sys --> C:\Windows\system32\drivers\t3.sys [?]R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [?]R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys [?]R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys [?]R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys [?]R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-28 136176]S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]S2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-7-10 214040]S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-5 250056]S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-18 79360]S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-18 79360]S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-28 136176]S3 hitmanpro36;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro36.sys --> C:\Windows\system32\drivers\hitmanpro36.sys [?]S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 61976]S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?].=============== File Associations ===============..scr=DWGTrueViewScriptFile.=============== Created Last 30 ================.2012-07-22 06:02:38 30496 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys2012-07-22 05:47:41 -------- d-----w- C:\ProgramData\HitmanPro2012-07-22 05:46:29 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%2012-07-22 02:43:16 -------- d-----w- C:\ProgramData\225932DF004DBD4017751010F875F0022012-07-15 21:31:51 -------- d-----w- C:\Users\James\AppData\Roaming\ts3overlay2012-07-15 21:30:11 -------- d-----w- C:\Users\James\AppData\Roaming\TS3Client2012-07-15 21:27:12 -------- d-----w- C:\Users\James\AppData\Local\TeamSpeak 3 Client2012-07-13 16:07:47 -------- d-----w- C:\Users\James\AppData\Local\Macromedia2012-07-12 15:35:10 -------- d-----w- C:\ProgramData\ALM2012-07-12 15:19:45 28248 ----a-r- C:\Windows\SysWow64\AdobePDF.dll2012-07-12 06:32:52 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared2012-07-12 06:17:33 -------- d-----w- C:\Program Files (x86)\NCH Software2012-07-11 08:14:42 3148800 ----a-w- C:\Windows\System32\win32k.sys2012-07-11 05:22:50 2004480 ----a-w- C:\Windows\System32\msxml6.dll2012-07-11 05:21:57 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2012-07-11 05:21:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2012-07-11 05:21:38 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll2012-07-11 05:21:37 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll2012-07-11 05:21:34 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll2012-07-11 05:21:33 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll2012-07-11 05:21:31 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll2012-07-11 05:21:26 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll2012-07-11 05:21:19 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll2012-07-11 05:21:19 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll2012-07-11 05:21:13 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll2012-07-11 05:21:05 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll2012-07-11 05:20:59 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll2012-07-11 05:20:52 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll2012-07-11 05:20:49 1133568 ----a-w- C:\Windows\System32\cdosys.dll2012-07-11 04:58:36 -------- d-----w- C:\ProgramData\FLEXnetold22012-07-11 04:26:20 -------- d-----w- C:\Users\James\AdobeLicensingFilesBackup2012-07-10 05:42:55 -------- d-----w- C:\Users\James\AppData\Local\{C755F6FD-F53B-4054-960A-771076AA9730}2012-07-10 05:42:32 -------- d-----w- C:\Users\James\AppData\Local\{F117CB5E-8EB0-4552-8049-05BFA61F9077}2012-07-10 05:33:44 -------- d-----w- C:\Windows\en2012-07-10 05:29:08 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2012-07-10 05:27:01 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DSETUP.dll2012-07-10 05:27:01 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DXSETUP.exe2012-07-10 05:27:01 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\dsetup32.dll2012-07-10 04:05:46 -------- d-----w- C:\Users\James\AppData\Local\MPlayer2012-07-10 03:59:31 -------- d-----w- C:\Users\James\.dvdcss2012-07-10 03:59:30 -------- d-----w- C:\Users\James\fontconfig2012-07-10 03:58:05 -------- d-----w- C:\Program Files (x86)\SnowFox Software2012-07-04 01:57:31 -------- d-----w- C:\Users\James\AppData\Local\{B3EF93C8-6709-448F-9EF8-9B6072BB82FD}2012-07-04 01:57:02 -------- d-----w- C:\Users\James\AppData\Local\{BFAE9EFA-654F-49A5-BC4D-8F3E21A13783}2012-07-04 01:46:43 -------- d-----w- C:\Users\James\AppData\Local\{9BC7646C-3BC6-4DD0-B194-5305B6FB1722}.==================== Find3M ====================.2012-07-12 07:22:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-07-12 07:22:32 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2012-05-03 02:54:46 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll2012-05-03 02:54:46 28056 ----a-w- C:\Windows\System32\xfcodec64.dll2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys2011-09-16 20:12:04 143240 ----a-w- C:\Program Files (x86)\Common Files\ApnStub.exe2010-01-26 16:11:08 444283 ----a-w- C:\Program Files (x86)\Common Files\WinPcapNmap.exe.============= FINISH: 13:32:54.82 =============== Link to post Share on other sites More sharing options...
jamesost Posted July 25, 2012 Author ID:576516 Share Posted July 25, 2012 .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume2Install Date: 11/21/2009 10:45:59 PMSystem Uptime: 7/24/2012 2:30:36 AM (35 hours ago).Motherboard: Dell Inc. | | 0X231RProcessor: Intel® Core i7 CPU 860 @ 2.80GHz | CPU 1 | 2793/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 684 GiB total, 490.476 GiB free.D: is CDROM ()E: is CDROM ()F: is RemovableG: is RemovableH: is RemovableI: is RemovableJ: is RemovableN: is RemovableO: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP434: 7/13/2012 3:01:05 AM - Windows UpdateRP435: 7/13/2012 6:34:45 PM - Removed Opera 11.64.RP436: 7/20/2012 11:40:03 PM - Scheduled Checkpoint.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)Acrobat.comAdd or Remove Adobe Creative Suite 3 Web PremiumAdobe Acrobat 8 ProfessionalAdobe AIRAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe BridgeTalk Plugin CS3Adobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Contribute CS3Adobe Creative Suite 3 Web PremiumAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Fireworks CS3Adobe Flash CS3Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Flash Player 9 ActiveXAdobe Flash Player 9 PluginAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS3Adobe Linguistics CS3Adobe MotionPicture Color FilesAdobe PDF Library FilesAdobe Photoshop CS3Adobe Reader 9.3Adobe SetupAdobe Shockwave Player 11.5Adobe Stock Photos CS3Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe Version Cue CS3 ServerAdobe WAS CS3Adobe WinSoft Linguistics PluginAdobe XMP Panels CS3AHV content for Acrobat and FlashAimersoft DRM Media Converter(Build 1.4.7.2)AimOne Video Joiner 1.35AimOne Video Splitter 1.42Akamai NetSession InterfaceAkamai NetSession Interface ServiceApache HTTP Server 2.2.16Apple Application SupportApple Software UpdateAT&T U-verse SetupAutoBookmark Standard Plug-In, v. 4.0 (TRIAL VERSION)BookSmart® 2.9.4 2.9.4Camtasia Studio 7Consumer In-Home Service AgreementCopyTrans Suite Remove OnlyCoupon Printer for WindowsCreative Audio Control PanelCreative Software AutoUpdateCreative Sound Blaster Properties x64 EditionCrystal Reports Basic for Visual Studio 2008D3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell DataSafe OnlineDell Getting Started GuideDirectXInstallServiceDoxillion Document ConverterEMC 10 ContentFileZilla Client 3.5.3Font Management SystemFormatFactory 2.60FrapsFreedom Scientific Synthesizer EloquenceGameSpy ArcadeGoogle ChromeGoogle Toolbar for Internet ExplorerGoogle Update HelperHandBrake 0.9.5Host OpenALHotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2538241)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971092)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)Java Auto UpdaterJava 6 Update 30Junk Mail filter updateLet's Clean Up! PlusMalwarebytes Anti-Malware version 1.62.0.1300Market SamuraiMcAfee Security Scan PlusMcAfee SecurityCenterMicrosoft .NET Compact Framework 2.0 SP2Microsoft .NET Compact Framework 3.5Microsoft .NET Framework 1.1Microsoft Access 2010 Runtime Service Pack 1 (SP1)Microsoft Access Runtime 2010Microsoft Document Explorer 2008Microsoft HaloMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Runtime 2010Microsoft Office Access Runtime MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office Home and Student 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)Microsoft Office Ultimate 2007Microsoft Office Visual Web Developer 2007Microsoft Office Visual Web Developer MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)Microsoft SQL Server 2005 Tools Express EditionMicrosoft SQL Server 2008 Books Online (English)Microsoft SQL Server 2008 BrowserMicrosoft SQL Server 2008 Management ObjectsMicrosoft SQL Server 2008 PoliciesMicrosoft SQL Server Compact 3.5 for Devices ENUMicrosoft SQL Server Compact 3.5 SP1 Design Tools EnglishMicrosoft SQL Server Compact 3.5 SP1 EnglishMicrosoft SQL Server Compact 3.5 SP1 Query Tools EnglishMicrosoft SQL Server Database Publishing Wizard 1.3Microsoft SQL Server Setup Support Files (English)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual Studio 2005 Tools for Office RuntimeMicrosoft Visual Studio 2008 Professional Edition - ENUMicrosoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140)Microsoft Visual Studio 2008 Remote Debugger - ENU Service Pack 1 (KB945140)Microsoft Visual Studio 2008 Shell (integrated mode) - ENUMicrosoft Visual Studio Tools for Applications 2.0 - ENUMicrosoft Visual Studio Web Authoring ComponentMil ShieldMozilla Firefox (3.6.25)MSDN Library for Visual Studio 2008 - ENUMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKMultimedia Card ReaderNCH FileBulldog ToolbarNotepad++NVIDIA PhysXNVIDIA Stereoscopic 3D DriverOctoshape add-in for Adobe Flash PlayerOpera 12.00PDF SettingsPowerDVD DXQuickTimeRoxio Activation ModuleRoxio BackOnTrackRoxio Central AudioRoxio Central CopyRoxio Central CoreRoxio Central DataRoxio Central ToolsRoxio Easy CD and DVD BurningRoxio Express Labeler 3Roxio Update ManagerSafariSecurity Update for 2007 Microsoft Office System (KB2288621)Security Update for 2007 Microsoft Office System (KB2584063)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596672) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597162) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598039) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit EditionSecurity Update for Microsoft SharePoint Workspace 2010 (KB2566445)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2251487)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2669970)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972222)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973675)Sentinel System Driver Installer 7.5.0SmartFTP Client Setup Files 4.0 (x64) (remove only)SnowFox DVD & Video Converter 3.0.1.0Sonic CinePlayer Decoder PackSound Blaster X-FiSQL Server System CLR TypesSwitch Sound File ConverterTeamSpeak 3 ClientTotal Validator ToolTune4win M4V Converter 1.0.4Update for 2007 Microsoft Office System (KB2284654)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 System (KB2539530)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597091) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update for Microsoft OneNote 2010 (KB2589345) 32-Bit EditionUpdate for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)Update for Microsoft Visual Studio Web Authoring Component (KB945140)VC Runtimes MSIVDownloader 3.8.985Visual C++ 2008 IA64 Runtime - (v9.0.30729)Visual C++ 2008 IA64 Runtime - v9.0.30729.01Visual C++ 2008 x64 Runtime - (v9.0.30729)Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)Visual C++ 2008 x64 Runtime - (v9.0.30729.6161)Visual C++ 2008 x64 Runtime - v9.0.30729.01Visual C++ 2008 x64 Runtime - v9.0.30729.4148Visual C++ 2008 x64 Runtime - v9.0.30729.6161Visual C++ 2008 x86 Runtime - (v9.0.30729)Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)Visual C++ 2008 x86 Runtime - v9.0.30729.01Visual C++ 2008 x86 Runtime - v9.0.30729.4148Visual C++ 2008 x86 Runtime - v9.0.30729.6161Visual Studio 2005 Tools for Office Second Edition RuntimeVisual Studio Tools for the Office system 3.0 RuntimeVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)WavePad Sound EditorWinAce ArchiverWindows Live Communications PlatformWindows Live EssentialsWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile 5.0 SDK R2 for Pocket PCWindows Mobile 5.0 SDK R2 for SmartphoneWindows Movie Maker 2.6WinPcap 4.1.1WinSCP 4.2.8WinZip 15.5Xfire (remove only)Yahoo! MessengerYahoo! Software UpdateZinio Reader 4.==== Event Viewer Messages From Past Week ========.7/24/2012 2:37:43 AM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.7/24/2012 2:34:47 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-21470248917/24/2012 2:34:47 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-21470248917/24/2012 2:34:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter7/24/2012 2:33:27 AM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.7/24/2012 2:33:12 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.7/24/2012 2:32:13 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server Integration Services 10.0 service to connect.7/24/2012 2:32:13 AM, Error: Service Control Manager [7000] - The SQL Server Integration Services 10.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.7/24/2012 2:31:36 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.7/24/2012 2:31:27 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.7/22/2012 9:47:17 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user James-PC\James SID (S-1-5-21-2482222888-3877877194-96238860-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.7/22/2012 9:47:17 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user James-PC\James SID (S-1-5-21-2482222888-3877877194-96238860-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.7/22/2012 1:02:46 AM, Error: Service Control Manager [7024] - The HitmanPro 3.6 Crusader (Boot) service terminated with service-specific error The operation completed successfully..7/21/2012 10:32:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}7/21/2012 10:32:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}7/21/2012 10:31:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}7/21/2012 10:29:06 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.7/21/2012 10:29:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}7/21/2012 10:29:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}7/21/2012 10:28:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}7/21/2012 10:28:48 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}7/21/2012 10:27:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache RxFilter SASDIFSV SASKUTIL spldr sptd vpcvmm Wanarpv67/21/2012 10:27:48 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.7/21/2012 10:27:46 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.7/21/2012 10:27:16 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .7/20/2012 11:07:12 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.7/19/2012 11:08:51 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user James-PC\James SID (S-1-5-21-2482222888-3877877194-96238860-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.7/19/2012 1:05:59 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly..==== End Of File =========================== Link to post Share on other sites More sharing options...
jamesost Posted July 26, 2012 Author ID:576993 Share Posted July 26, 2012 Anything else I need to submit? I'm not being impatient...you excellent folks will get to my post when you can, I just want to make sure I have posted all the needed info. Thanks! Link to post Share on other sites More sharing options...
Staff screen317 Posted July 30, 2012 Staff ID:578324 Share Posted July 30, 2012 Hi,Sorry for the delay. You're doing fine. Please visit this webpage for instructions for running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixWhen the tool is finished, it will produce a report for you.Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.-screen317 Link to post Share on other sites More sharing options...
Staff screen317 Posted August 7, 2012 Staff ID:581884 Share Posted August 7, 2012 Are you still with us? This topic will be closed in a few days if we do not hear back from you. Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582117 Share Posted August 8, 2012 Yes sorry. I missed the email notifying me a reply had been made.Ok so I ran Combofix (log below), but had to system restore to before I ran it because after the reboot I couldnt launch any web browsers....it kept saying it was unable to open because it was using a registry file marked for deletion or something like that. That was for ie, firefox, chrome, etc. It also deleted my dell dock bar that's on my desktop (I use it for quick access to alot of short cuts). Any ideas?ComboFix 12-08-07.05 - James 08/08/2012 0:40.1.8 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5295 [GMT -5:00]Running from: c:\users\James\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZM7D2RQ\ComboFix.exeAV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\program files (x86)\Mozilla Firefox\searchplugins\search.xmlc:\program files (x86)\somototoolbar\vmNTemplatex.dllc:\users\James\AppData\Roaming\16a2abb0c:\users\James\AppData\Roaming\1793673ac:\users\James\AppData\Roaming\19f0f3bbc:\users\James\AppData\Roaming\1ad3221ec:\users\James\AppData\Roaming\1bda8811c:\users\James\AppData\Roaming\1cb18b21c:\users\James\AppData\Roaming\223227a4c:\users\James\AppData\Roaming\2320cea3c:\users\James\AppData\Roaming\232b3f14c:\users\James\AppData\Roaming\2418c82cc:\users\James\AppData\Roaming\25f0e615c:\users\James\AppData\Roaming\27a2ae01c:\users\James\AppData\Roaming\287de3e1c:\users\James\AppData\Roaming\2951fd3dc:\users\James\AppData\Roaming\2a3d0dedc:\users\James\AppData\Roaming\2b1e63edc:\users\James\AppData\Roaming\376fdd8ec:\users\James\AppData\Roaming\380b2b4cc:\users\James\AppData\Roaming\385f7d06c:\users\James\AppData\Roaming\38f880a0c:\users\James\AppData\Roaming\3e9489c3c:\users\James\AppData\Roaming\3f82116bc:\users\James\AppData\Roaming\597a3bd5c:\users\James\AppData\Roaming\5a684dbcc:\users\James\AppData\Roaming\63d62c86c:\users\James\AppData\Roaming\64c3cb7bc:\users\James\AppData\Roaming\6b4f349fc:\users\James\AppData\Roaming\6c3ffb3dc:\users\James\AppData\Roaming\8a8171d5c:\users\James\AppData\Roaming\8b771eeec:\users\James\AppData\Roaming\8ff04ce5c:\users\James\AppData\Roaming\9218299dc:\users\James\AppData\Roaming\b534095fc:\users\James\AppData\Roaming\b6294e5dc:\users\James\AppData\Roaming\c12f447fc:\users\James\AppData\Roaming\cb33b891c:\users\James\AppData\Roaming\cc1cab39c:\users\James\AppData\Roaming\d2c85dcdc:\users\James\AppData\Roaming\d3aba057c:\users\James\AppData\Roaming\d803b1e9c:\users\James\AppData\Roaming\d8f55d6dc:\users\James\AppData\Roaming\d9d12f8fc:\users\James\AppData\Roaming\dac56b76c:\users\James\AppData\Roaming\dba5d6d6c:\users\James\AppData\Roaming\dc7822f2c:\users\James\AppData\Roaming\dce1b353c:\users\James\AppData\Roaming\dd5407b6c:\users\James\AppData\Roaming\ddcb6562c:\users\James\AppData\Roaming\de2a099ac:\users\James\AppData\Roaming\de71f7ddc:\users\James\AppData\Roaming\df5aae37c:\users\James\AppData\Roaming\e3b4c878c:\users\James\AppData\Roaming\e49bb10ec:\users\James\AppData\Roaming\e7b451e9c:\users\James\AppData\Roaming\e9081959c:\users\James\AppData\Roaming\e9fe67c9c:\users\James\AppData\Roaming\ea82c953c:\users\James\AppData\Roaming\eae8ac31c:\users\James\AppData\Roaming\eb6095eec:\users\James\AppData\Roaming\ec31ae4ec:\users\James\AppData\Roaming\ed336c21c:\users\James\AppData\Roaming\ee154145c:\users\James\AppData\Roaming\f7a56c49c:\users\James\AppData\Roaming\f886ce05c:\users\James\AppData\Roaming\Mozilla\Firefox\Profiles\72zwrn9e.default\searchplugins\bing-zugo.xmlc:\windows\assembly\GAC_32\Desktop.inic:\windows\assembly\GAC_64\Desktop.inic:\windows\SysWow64\htmlc:\windows\SysWow64\html\calendar.htmlc:\windows\SysWow64\html\calendarbottom.htmlc:\windows\SysWow64\html\calendartop.htmlc:\windows\SysWow64\html\crystalexportdialog.htmc:\windows\SysWow64\html\crystalprinthost.htmlc:\windows\SysWow64\imagesc:\windows\SysWow64\images\toolbar\calendar.gifc:\windows\SysWow64\images\toolbar\crlogo.gifc:\windows\SysWow64\images\toolbar\export.gifc:\windows\SysWow64\images\toolbar\export_over.gifc:\windows\SysWow64\images\toolbar\exportd.gifc:\windows\SysWow64\images\toolbar\First.gifc:\windows\SysWow64\images\toolbar\first_over.gifc:\windows\SysWow64\images\toolbar\Firstd.gifc:\windows\SysWow64\images\toolbar\gotopage.gifc:\windows\SysWow64\images\toolbar\gotopage_over.gifc:\windows\SysWow64\images\toolbar\gotopaged.gifc:\windows\SysWow64\images\toolbar\grouptree.gifc:\windows\SysWow64\images\toolbar\grouptree_over.gifc:\windows\SysWow64\images\toolbar\grouptreed.gifc:\windows\SysWow64\images\toolbar\grouptreepressed.gifc:\windows\SysWow64\images\toolbar\Last.gifc:\windows\SysWow64\images\toolbar\last_over.gifc:\windows\SysWow64\images\toolbar\Lastd.gifc:\windows\SysWow64\images\toolbar\Next.gifc:\windows\SysWow64\images\toolbar\next_over.gifc:\windows\SysWow64\images\toolbar\Nextd.gifc:\windows\SysWow64\images\toolbar\Prev.gifc:\windows\SysWow64\images\toolbar\prev_over.gifc:\windows\SysWow64\images\toolbar\Prevd.gifc:\windows\SysWow64\images\toolbar\print.gifc:\windows\SysWow64\images\toolbar\print_over.gifc:\windows\SysWow64\images\toolbar\printd.gifc:\windows\SysWow64\images\toolbar\Refresh.gifc:\windows\SysWow64\images\toolbar\refresh_over.gifc:\windows\SysWow64\images\toolbar\refreshd.gifc:\windows\SysWow64\images\toolbar\Search.gifc:\windows\SysWow64\images\toolbar\search_over.gifc:\windows\SysWow64\images\toolbar\searchd.gifc:\windows\SysWow64\images\toolbar\up.gifc:\windows\SysWow64\images\toolbar\up_over.gifc:\windows\SysWow64\images\toolbar\upd.gifc:\windows\SysWow64\images\tree\begindots.gifc:\windows\SysWow64\images\tree\beginminus.gifc:\windows\SysWow64\images\tree\beginplus.gifc:\windows\SysWow64\images\tree\blank.gifc:\windows\SysWow64\images\tree\blankdots.gifc:\windows\SysWow64\images\tree\dots.gifc:\windows\SysWow64\images\tree\lastdots.gifc:\windows\SysWow64\images\tree\lastminus.gifc:\windows\SysWow64\images\tree\lastplus.gifc:\windows\SysWow64\images\tree\Magnify.gifc:\windows\SysWow64\images\tree\minus.gifc:\windows\SysWow64\images\tree\minusbox.gifc:\windows\SysWow64\images\tree\plus.gifc:\windows\SysWow64\images\tree\plusbox.gifc:\windows\SysWow64\images\tree\singleminus.gifc:\windows\SysWow64\images\tree\singleplus.gifc:\windows\SysWow64\Packet.dllc:\windows\SysWow64\pthreadVC.dllc:\windows\SysWow64\URTTempc:\windows\SysWow64\URTTemp\regtlib.exec:\windows\SysWow64\wpcap.dllc:\windows\TEMP\jna3731133300231579884.dll.Infected copy of c:\windows\system32\Services.exe was found and disinfected Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe ..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_NPF-------\Service_npf..((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))))..2012-08-08 05:52 . 2012-08-08 05:52 -------- d-----w- c:\users\Default\AppData\Local\temp2012-07-22 06:02 . 2012-07-22 06:02 30496 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys2012-07-22 05:47 . 2012-07-22 06:00 -------- d-----w- c:\programdata\HitmanPro2012-07-22 05:46 . 2012-07-22 05:46 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%2012-07-22 02:43 . 2012-07-22 02:45 -------- d-----w- c:\programdata\225932DF004DBD4017751010F875F0022012-07-15 21:31 . 2012-07-15 21:34 -------- d-----w- c:\users\James\AppData\Roaming\ts3overlay2012-07-15 21:30 . 2012-07-15 21:49 -------- d-----w- c:\users\James\AppData\Roaming\TS3Client2012-07-15 21:27 . 2012-07-15 21:27 -------- d-----w- c:\users\James\AppData\Local\TeamSpeak 3 Client2012-07-13 16:07 . 2012-07-13 16:07 -------- d-----w- c:\users\James\AppData\Local\Macromedia2012-07-12 15:35 . 2012-07-12 15:35 -------- d-----w- c:\programdata\ALM2012-07-12 15:19 . 2006-09-29 11:56 28248 ----a-r- c:\windows\SysWow64\AdobePDF.dll2012-07-12 06:32 . 2012-07-12 06:32 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared2012-07-12 06:17 . 2012-07-12 06:17 -------- d-----w- c:\program files (x86)\NCH Software2012-07-11 20:58 . 2012-07-11 20:58 -------- d-----w- c:\programdata\FLEXnet2012-07-11 08:14 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys2012-07-11 05:22 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll2012-07-11 05:21 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll2012-07-11 05:21 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll2012-07-11 05:21 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll2012-07-11 05:21 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll2012-07-11 05:21 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll2012-07-11 05:21 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll2012-07-11 05:21 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll2012-07-11 05:21 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll2012-07-11 05:21 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll2012-07-11 05:21 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll2012-07-11 05:21 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll2012-07-11 05:21 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll2012-07-11 05:20 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll2012-07-11 05:20 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll2012-07-11 05:20 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll2012-07-11 04:26 . 2012-07-11 16:48 -------- d-----w- c:\users\James\AdobeLicensingFilesBackup2012-07-10 05:33 . 2012-07-10 05:33 -------- d-----w- c:\windows\en2012-07-10 05:29 . 2012-07-10 05:28 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2012-07-10 05:27 . 2012-07-10 05:27 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DSETUP.dll2012-07-10 05:27 . 2012-07-10 05:27 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DXSETUP.exe2012-07-10 05:27 . 2012-07-10 05:27 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\dsetup32.dll2012-07-10 04:05 . 2012-07-10 04:05 -------- d-----w- c:\users\James\AppData\Local\MPlayer2012-07-10 03:59 . 2012-07-10 04:05 -------- d-----w- c:\users\James\.dvdcss2012-07-10 03:59 . 2012-07-10 03:59 -------- d-----w- c:\users\James\fontconfig2012-07-10 03:58 . 2012-07-10 03:58 -------- d-----w- c:\program files (x86)\SnowFox Software...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-08-03 07:22 . 2012-06-05 19:52 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-08-03 07:22 . 2011-09-12 04:18 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-07-11 08:08 . 2010-03-30 22:38 59701280 ----a-w- c:\windows\system32\MRT.exe2012-07-03 18:46 . 2010-10-27 07:12 24904 ----a-w- c:\windows\system32\drivers\mbam.sys2012-06-02 22:19 . 2012-06-21 10:25 38424 ----a-w- c:\windows\system32\wups.dll2012-06-02 22:19 . 2012-06-21 10:26 2428952 ----a-w- c:\windows\system32\wuaueng.dll2012-06-02 22:19 . 2012-06-21 10:26 57880 ----a-w- c:\windows\system32\wuauclt.exe2012-06-02 22:19 . 2012-06-21 10:26 44056 ----a-w- c:\windows\system32\wups2.dll2012-06-02 22:19 . 2012-06-21 10:25 701976 ----a-w- c:\windows\system32\wuapi.dll2012-06-02 22:15 . 2012-06-21 10:26 2622464 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:15 . 2012-06-21 10:25 99840 ----a-w- c:\windows\system32\wudriver.dll2012-06-02 20:19 . 2012-06-21 10:24 186752 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 20:15 . 2012-06-21 10:24 36864 ----a-w- c:\windows\system32\wuapp.exe2011-09-16 20:12 . 2012-02-23 06:38 143240 ----a-w- c:\program files (x86)\Common Files\ApnStub.exe2010-01-26 16:11 . 2012-02-23 06:38 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-03-19 5248312]"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]"Akamai NetSession Interface"="c:\users\James\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]"MilShieldSlave"="c:\program files (x86)\Mil Incorporated\Mil Shield\ShieldWorker.exe" [2012-01-22 1861120]"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-24 5661056]"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-29 39408].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-02-03 237693]"SPIRunE"="SPIRunE.dll" [2009-07-27 18432]"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152].c:\users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]VDownloader.lnk - c:\program files (x86)\VDownloader\VDownloader.exe [2012-2-23 865280].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2012-7-12 295606]Adobe Acrobat Synchronizer.lnk - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]BounceBack Launcher.lnk - c:\program files (x86)\CMS Peripherals\BounceBack Express\BBLauncher.exe [2010-4-18 98304]CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-3-26 217088]McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]Monitor Apache Servers.lnk - c:\apache\bin\ApacheMonitor.exe [2010-7-30 41051].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"mixer5"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 136176]R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-18 79360]R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-18 79360]R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 136176]R3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-07-22 30496]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-29 1255736]R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976]R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-02 828912]S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-05-14 140672]S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]S2 Apache2.2;Apache2.2;c:\apache\bin\httpd.exe [2010-07-30 24645]S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2012-03-26 222720]S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]S2 Freedom Scientific Kernel Manager {D2B4C7A7-7605-4039-89E4-DE5CC69BBE9D};Freedom Scientific Kernel Manager;c:\windows\system32\fsKMgr.dll [2010-04-13 23584]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-09-03 517632]S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-03-20 162192]S2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 214040]S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2009-03-30 2075480]S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2008-07-11 145448]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]S3 fsvidmir;fsvidmir;c:\windows\system32\DRIVERS\fsvidmir.sys [2010-04-13 10784]S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 34840]S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-07-27 639512]S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-12-24 29288]S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-12-24 29288]S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-12-24 29288]S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-12-24 29288]S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-12-24 29288]..--- Other Services/Drivers In Memory ---.*Deregistered* - mfeavfk01.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]Akamai REG_MULTI_SZ Akamai.Contents of the 'Scheduled Tasks' folder.2012-08-08 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 07:22].2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 04:59].2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 04:59].2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2482222888-3877877194-96238860-1000Core.job- c:\users\James\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-02 06:33].2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2482222888-3877877194-96238860-1000UA.job- c:\users\James\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-02 06:33].2012-08-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 6b76aca1-24e7-4e75-a3c3-b5e5e6079c7b.job- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52].2012-08-07 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task f7bc7068-c2fd-4a47-9975-b63ad374073a.job- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"combofix"="c:\combofix\CF2214.3XE" [2010-11-20 345088].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"LoadAppInit_DLLs"=0x1.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://google.com/mLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>;*.localIE: Append to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000Trusted Zone: mesquiteisd.orgTrusted Zone: mesquiteisd.org\elearn2Trusted Zone: mesquiteisd.org\wwwTrusted Zone: twixt.us\beTCP: DhcpNameServer = 192.168.1.254FF - ProfilePath - c:\users\James\AppData\Roaming\Mozilla\Firefox\Profiles\72zwrn9e.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - hxxp://www.google.comFF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z045&form=ZGAADF&q=FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.comFF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}FF - Ext: Firefox Accessibility Extension: accessext@cita.uiuc.edu - %profile%\extensions\accessext@cita.uiuc.eduFF - Ext: Fangs: {21D01944-2878-4eb3-A72A-83E8D1E6D4A6} - %profile%\extensions\{21D01944-2878-4eb3-A72A-83E8D1E6D4A6}FF - Ext: Juicy Studio Colour Contrast Analyser: {34c51bf3-5fb2-4799-8cca-d5b8567cf7ef} - %profile%\extensions\{34c51bf3-5fb2-4799-8cca-d5b8567cf7ef}FF - Ext: YSlow: yslow@yahoo-inc.com - %profile%\extensions\yslow@yahoo-inc.comFF - Ext: Firecookie: firecookie@janodvarko.cz - %profile%\extensions\firecookie@janodvarko.czFF - Ext: FirePHP: FirePHPExtension-Build@firephp.org - %profile%\extensions\FirePHPExtension-Build@firephp.orgFF - Ext: Pixel Perfect: pixelperfectplugin@openhouseconcepts.com - %profile%\extensions\pixelperfectplugin@openhouseconcepts.comFF - Ext: FireRainbow: firerainbow@hildebrand.cz - %profile%\extensions\firerainbow@hildebrand.czFF - Ext: CodeBurner for Firebug: firebug@tools.sitepoint.com - %profile%\extensions\firebug@tools.sitepoint.comFF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.comFF - Ext: SomotoToolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - %profile%\extensions\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}FF - Ext: Cache Status: cache@status.org - %profile%\extensions\cache@status.orgFF - Ext: VDownloader: support@vdownloader.com - c:\program files (x86)\VDownloader\Addons\FireFox.- - - - ORPHANS REMOVED - - - -.Wow6432Node-HKLM-Run-BounceBack Setup - c:\program files (x86)\CMS Peripherals\BounceBack Express\AppLaunch.exeWow6432Node-HKLM-Run-RegistryQuick.exe - c:\program files (x86)\RegQuick\RegistryQuick.exeWow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exeToolbar-Locked - (no file)Toolbar-10 - (no file)WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exeAddRemove-Notepad++ - c:\program files (x86)\Notepad++\uninstall.exeAddRemove-Octoshape add-in for Adobe Flash Player - c:\users\James\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]"ImagePath"="\"c:\mysql\bin\mysqld\" --defaults-file=\"c:\mysql\my.ini\" MySQL".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-2482222888-3877877194-96238860-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-2482222888-3877877194-96238860-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]@Denied: (A) (Everyone)"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]"Key"="ActionsPane""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Creative\Shared Files\CTAudSvc.exec:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files (x86)\Common Files\Motive\McciCMService.exec:\program files (x86)\Mil Incorporated\Mil Shield\ShieldService.exec:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exec:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exec:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe.**************************************************************************.Completion time: 2012-08-08 01:05:36 - machine was rebootedComboFix-quarantined-files.txt 2012-08-08 06:05.Pre-Run: 375,894,724,608 bytes freePost-Run: 376,919,683,072 bytes free.- - End Of File - - 4B33AA21EB0043CC2FC2E01FB09150FC Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582119 Share Posted August 8, 2012 The only sign that I've noticed pointing to a possible infection of some kind is that I can't play any online game now. It connects for about 1-2 minutes and then my connection drops and I can't connect to any online gaming server unless I reboot. Then I get another 1-2 minutes and it loses a connection and is unable to obtain one. This was never a problem before. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 8, 2012 Staff ID:582386 Share Posted August 8, 2012 Hi,Ok so I ran Combofix (log below), but had to system restore to before I ran it because after the reboot I couldnt launch any web browsers....it kept saying it was unable to open because it was using a registry file marked for deletion or something like that. That was for ie, firefox, chrome, etc. It also deleted my dell dock bar that's on my desktop (I use it for quick access to alot of short cuts).This is normal and only requires a reboot... You should have done that before a whole System Restore...Please grab a fresh copy of ComboFix, run it, and post its log in addition to a fresh DDS log. Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582424 Share Posted August 8, 2012 This is normal and only requires a reboot... You should have done that before a whole System Restore...That's what I'm telling you...Combofix did reboot the computer...upon the reboot I could not open any web browser connection. Are you saying I need to reboot it twice? I've used Combofix a few times in the past and I've never seen the error I was getting last night when trying to launch a browser. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 8, 2012 Staff ID:582427 Share Posted August 8, 2012 I mean an additional reboot. It only happens in certain scenarios. I'll update my instructions to include it for the future. Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582435 Share Posted August 8, 2012 No worries...you were right...I uninstalled combofix, downloaded a fresh copy, ran, and did the additional reboot and it worked. I'll post the new log and the new DDS log below...ALSO, the Combofix again uninstalled my Dell Dock shortcuts bar at the top of my screen and I'll need to reverse that deletion...I know MrCharlie has walked me through that before but I forgot what we did...combofix does not like the dell dock add-on lol. Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582436 Share Posted August 8, 2012 ComboFix 12-08-08.01 - James 08/08/2012 13:46:04.1.8 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.4934 [GMT -5:00]Running from: c:\users\James\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZM7D2RQ\ComboFix.exeAV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\program files (x86)\somototoolbar\vmNTemplatex.dllc:\windows\assembly\GAC_32\Desktop.inic:\windows\assembly\GAC_64\Desktop.inic:\windows\SysWow64\htmlc:\windows\SysWow64\html\calendar.htmlc:\windows\SysWow64\html\calendarbottom.htmlc:\windows\SysWow64\html\calendartop.htmlc:\windows\SysWow64\html\crystalexportdialog.htmc:\windows\SysWow64\html\crystalprinthost.htmlc:\windows\SysWow64\imagesc:\windows\SysWow64\images\toolbar\calendar.gifc:\windows\SysWow64\images\toolbar\crlogo.gifc:\windows\SysWow64\images\toolbar\export.gifc:\windows\SysWow64\images\toolbar\export_over.gifc:\windows\SysWow64\images\toolbar\exportd.gifc:\windows\SysWow64\images\toolbar\First.gifc:\windows\SysWow64\images\toolbar\first_over.gifc:\windows\SysWow64\images\toolbar\Firstd.gifc:\windows\SysWow64\images\toolbar\gotopage.gifc:\windows\SysWow64\images\toolbar\gotopage_over.gifc:\windows\SysWow64\images\toolbar\gotopaged.gifc:\windows\SysWow64\images\toolbar\grouptree.gifc:\windows\SysWow64\images\toolbar\grouptree_over.gifc:\windows\SysWow64\images\toolbar\grouptreed.gifc:\windows\SysWow64\images\toolbar\grouptreepressed.gifc:\windows\SysWow64\images\toolbar\Last.gifc:\windows\SysWow64\images\toolbar\last_over.gifc:\windows\SysWow64\images\toolbar\Lastd.gifc:\windows\SysWow64\images\toolbar\Next.gifc:\windows\SysWow64\images\toolbar\next_over.gifc:\windows\SysWow64\images\toolbar\Nextd.gifc:\windows\SysWow64\images\toolbar\Prev.gifc:\windows\SysWow64\images\toolbar\prev_over.gifc:\windows\SysWow64\images\toolbar\Prevd.gifc:\windows\SysWow64\images\toolbar\print.gifc:\windows\SysWow64\images\toolbar\print_over.gifc:\windows\SysWow64\images\toolbar\printd.gifc:\windows\SysWow64\images\toolbar\Refresh.gifc:\windows\SysWow64\images\toolbar\refresh_over.gifc:\windows\SysWow64\images\toolbar\refreshd.gifc:\windows\SysWow64\images\toolbar\Search.gifc:\windows\SysWow64\images\toolbar\search_over.gifc:\windows\SysWow64\images\toolbar\searchd.gifc:\windows\SysWow64\images\toolbar\up.gifc:\windows\SysWow64\images\toolbar\up_over.gifc:\windows\SysWow64\images\toolbar\upd.gifc:\windows\SysWow64\images\tree\begindots.gifc:\windows\SysWow64\images\tree\beginminus.gifc:\windows\SysWow64\images\tree\beginplus.gifc:\windows\SysWow64\images\tree\blank.gifc:\windows\SysWow64\images\tree\blankdots.gifc:\windows\SysWow64\images\tree\dots.gifc:\windows\SysWow64\images\tree\lastdots.gifc:\windows\SysWow64\images\tree\lastminus.gifc:\windows\SysWow64\images\tree\lastplus.gifc:\windows\SysWow64\images\tree\Magnify.gifc:\windows\SysWow64\images\tree\minus.gifc:\windows\SysWow64\images\tree\minusbox.gifc:\windows\SysWow64\images\tree\plus.gifc:\windows\SysWow64\images\tree\plusbox.gifc:\windows\SysWow64\images\tree\singleminus.gifc:\windows\SysWow64\images\tree\singleplus.gifc:\windows\SysWow64\Packet.dllc:\windows\SysWow64\pthreadVC.dllc:\windows\SysWow64\URTTempc:\windows\SysWow64\URTTemp\regtlib.exec:\windows\SysWow64\wpcap.dllc:\windows\TEMP\jna8753694720409624291.dll.Infected copy of c:\windows\system32\Services.exe was found and disinfected Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe ..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_NPF-------\Service_npf..((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))))..2012-08-08 18:55 . 2012-08-08 18:55 -------- d-----w- c:\users\Default\AppData\Local\temp2012-07-22 06:02 . 2012-07-22 06:02 30496 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys2012-07-22 05:47 . 2012-07-22 06:00 -------- d-----w- c:\programdata\HitmanPro2012-07-22 05:46 . 2012-07-22 05:46 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%2012-07-22 02:43 . 2012-07-22 02:45 -------- d-----w- c:\programdata\225932DF004DBD4017751010F875F0022012-07-15 21:31 . 2012-07-15 21:34 -------- d-----w- c:\users\James\AppData\Roaming\ts3overlay2012-07-15 21:30 . 2012-07-15 21:49 -------- d-----w- c:\users\James\AppData\Roaming\TS3Client2012-07-15 21:27 . 2012-07-15 21:27 -------- d-----w- c:\users\James\AppData\Local\TeamSpeak 3 Client2012-07-13 16:07 . 2012-07-13 16:07 -------- d-----w- c:\users\James\AppData\Local\Macromedia2012-07-12 15:35 . 2012-07-12 15:35 -------- d-----w- c:\programdata\ALM2012-07-12 15:19 . 2006-09-29 11:56 28248 ----a-r- c:\windows\SysWow64\AdobePDF.dll2012-07-12 06:32 . 2012-07-12 06:32 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared2012-07-12 06:17 . 2012-07-12 06:17 -------- d-----w- c:\program files (x86)\NCH Software2012-07-11 20:58 . 2012-08-08 06:14 -------- d-----w- c:\programdata\FLEXnet2012-07-11 08:14 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys2012-07-11 05:22 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll2012-07-11 05:21 . 2012-06-02 04:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll2012-07-11 05:21 . 2012-06-02 04:34 96768 ----a-w- c:\windows\SysWow64\sspicli.dll2012-07-11 05:21 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll2012-07-11 05:21 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll2012-07-11 05:21 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll2012-07-11 05:21 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll2012-07-11 05:21 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll2012-07-11 05:21 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll2012-07-11 05:21 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll2012-07-11 05:21 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll2012-07-11 05:21 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll2012-07-11 05:21 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll2012-07-11 05:20 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll2012-07-11 05:20 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll2012-07-11 05:20 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll2012-07-11 04:26 . 2012-07-11 16:48 -------- d-----w- c:\users\James\AdobeLicensingFilesBackup2012-07-10 05:33 . 2012-07-10 05:33 -------- d-----w- c:\windows\en2012-07-10 05:29 . 2012-07-10 05:28 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2012-07-10 05:27 . 2012-07-10 05:27 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DSETUP.dll2012-07-10 05:27 . 2012-07-10 05:27 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DXSETUP.exe2012-07-10 05:27 . 2012-07-10 05:27 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\dsetup32.dll2012-07-10 04:05 . 2012-07-10 04:05 -------- d-----w- c:\users\James\AppData\Local\MPlayer2012-07-10 03:59 . 2012-07-10 04:05 -------- d-----w- c:\users\James\.dvdcss2012-07-10 03:59 . 2012-07-10 03:59 -------- d-----w- c:\users\James\fontconfig2012-07-10 03:58 . 2012-07-10 03:58 -------- d-----w- c:\program files (x86)\SnowFox Software...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-08-03 07:22 . 2012-06-05 19:52 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2012-08-03 07:22 . 2011-09-12 04:18 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2012-07-11 08:08 . 2010-03-30 22:38 59701280 ----a-w- c:\windows\system32\MRT.exe2012-07-03 18:46 . 2010-10-27 07:12 24904 ----a-w- c:\windows\system32\drivers\mbam.sys2012-06-02 22:19 . 2012-06-21 10:25 38424 ----a-w- c:\windows\system32\wups.dll2012-06-02 22:19 . 2012-06-21 10:26 2428952 ----a-w- c:\windows\system32\wuaueng.dll2012-06-02 22:19 . 2012-06-21 10:26 57880 ----a-w- c:\windows\system32\wuauclt.exe2012-06-02 22:19 . 2012-06-21 10:26 44056 ----a-w- c:\windows\system32\wups2.dll2012-06-02 22:19 . 2012-06-21 10:25 701976 ----a-w- c:\windows\system32\wuapi.dll2012-06-02 22:15 . 2012-06-21 10:26 2622464 ----a-w- c:\windows\system32\wucltux.dll2012-06-02 22:15 . 2012-06-21 10:25 99840 ----a-w- c:\windows\system32\wudriver.dll2012-06-02 20:19 . 2012-06-21 10:24 186752 ----a-w- c:\windows\system32\wuwebv.dll2012-06-02 20:15 . 2012-06-21 10:24 36864 ----a-w- c:\windows\system32\wuapp.exe2011-09-16 20:12 . 2012-02-23 06:38 143240 ----a-w- c:\program files (x86)\Common Files\ApnStub.exe2010-01-26 16:11 . 2012-02-23 06:38 444283 ----a-w- c:\program files (x86)\Common Files\WinPcapNmap.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-03-19 5248312]"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]"Akamai NetSession Interface"="c:\users\James\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]"MilShieldSlave"="c:\program files (x86)\Mil Incorporated\Mil Shield\ShieldWorker.exe" [2012-01-22 1861120]"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-24 5661056]"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-29 39408].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2009-02-03 237693]"SPIRunE"="SPIRunE.dll" [2009-07-27 18432]"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]"BounceBack Setup"="c:\program files (x86)\CMS Peripherals\BounceBack Express\AppLaunch.exe" [bU]"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]"RegistryQuick.exe"="c:\program files (x86)\RegQuick\RegistryQuick.exe" [bU]"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [bU]"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152].c:\users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]VDownloader.lnk - c:\program files (x86)\VDownloader\VDownloader.exe [2012-2-23 865280].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2012-7-12 295606]Adobe Acrobat Synchronizer.lnk - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]BounceBack Launcher.lnk - c:\program files (x86)\CMS Peripherals\BounceBack Express\BBLauncher.exe [2010-4-18 98304]CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2012-3-26 217088]McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]Monitor Apache Servers.lnk - c:\apache\bin\ApacheMonitor.exe [2010-7-30 41051].c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"mixer5"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]@="".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]@="".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 136176]R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-18 79360]R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-18 79360]R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 136176]R3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-07-22 30496]R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-29 1255736]R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976]R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-07-02 828912]S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-05-14 140672]S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]S2 Apache2.2;Apache2.2;c:\apache\bin\httpd.exe [2010-07-30 24645]S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2012-03-26 222720]S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]S2 Freedom Scientific Kernel Manager {D2B4C7A7-7605-4039-89E4-DE5CC69BBE9D};Freedom Scientific Kernel Manager;c:\windows\system32\fsKMgr.dll [2010-04-13 23584]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-09-03 517632]S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2012-03-20 162192]S2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 214040]S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2009-03-30 2075480]S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2008-07-11 145448]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]S3 fsvidmir;fsvidmir;c:\windows\system32\DRIVERS\fsvidmir.sys [2010-04-13 10784]S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 34840]S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-07-27 639512]S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-12-24 29288]S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-12-24 29288]S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-12-24 29288]S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-12-24 29288]S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-12-24 29288]..--- Other Services/Drivers In Memory ---.*Deregistered* - mfeavfk01.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]Akamai REG_MULTI_SZ Akamai.Contents of the 'Scheduled Tasks' folder.2012-08-08 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 07:22].2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 04:59].2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-29 04:59].2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2482222888-3877877194-96238860-1000Core.job- c:\users\James\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-02 06:33].2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2482222888-3877877194-96238860-1000UA.job- c:\users\James\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-02 06:33].2012-08-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 6b76aca1-24e7-4e75-a3c3-b5e5e6079c7b.job- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52].2012-08-08 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task f7bc7068-c2fd-4a47-9975-b63ad374073a.job- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"combofix"="c:\combofix\CF25251.3XE" [2010-11-20 345088].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"LoadAppInit_DLLs"=0x1.------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://google.com/mLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = <local>;*.localIE: Append to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000Trusted Zone: mesquiteisd.orgTrusted Zone: mesquiteisd.org\elearn2Trusted Zone: mesquiteisd.org\wwwTrusted Zone: twixt.us\beTCP: DhcpNameServer = 192.168.1.254FF - ProfilePath - c:\users\James\AppData\Roaming\Mozilla\Firefox\Profiles\72zwrn9e.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - hxxp://www.google.comFF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z045&form=ZGAADF&q=FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.comFF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}FF - Ext: Firefox Accessibility Extension: accessext@cita.uiuc.edu - %profile%\extensions\accessext@cita.uiuc.eduFF - Ext: Fangs: {21D01944-2878-4eb3-A72A-83E8D1E6D4A6} - %profile%\extensions\{21D01944-2878-4eb3-A72A-83E8D1E6D4A6}FF - Ext: Juicy Studio Colour Contrast Analyser: {34c51bf3-5fb2-4799-8cca-d5b8567cf7ef} - %profile%\extensions\{34c51bf3-5fb2-4799-8cca-d5b8567cf7ef}FF - Ext: YSlow: yslow@yahoo-inc.com - %profile%\extensions\yslow@yahoo-inc.comFF - Ext: Firecookie: firecookie@janodvarko.cz - %profile%\extensions\firecookie@janodvarko.czFF - Ext: FirePHP: FirePHPExtension-Build@firephp.org - %profile%\extensions\FirePHPExtension-Build@firephp.orgFF - Ext: Pixel Perfect: pixelperfectplugin@openhouseconcepts.com - %profile%\extensions\pixelperfectplugin@openhouseconcepts.comFF - Ext: FireRainbow: firerainbow@hildebrand.cz - %profile%\extensions\firerainbow@hildebrand.czFF - Ext: CodeBurner for Firebug: firebug@tools.sitepoint.com - %profile%\extensions\firebug@tools.sitepoint.comFF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.comFF - Ext: SomotoToolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - %profile%\extensions\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}FF - Ext: Cache Status: cache@status.org - %profile%\extensions\cache@status.orgFF - Ext: VDownloader: support@vdownloader.com - c:\program files (x86)\VDownloader\Addons\FireFox.- - - - ORPHANS REMOVED - - - -.Toolbar-Locked - (no file)Toolbar-10 - (no file)WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL]"ImagePath"="\"c:\mysql\bin\mysqld\" --defaults-file=\"c:\mysql\my.ini\" MySQL".--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-2482222888-3877877194-96238860-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.Email.1".[HKEY_USERS\S-1-5-21-2482222888-3877877194-96238860-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]@Denied: (2) (LocalSystem)"Progid"="WindowsLiveMail.VCard.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (A) (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]@Denied: (A) (Everyone)"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]"Key"="ActionsPane""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd".[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (A) (Everyone).[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files (x86)\Creative\Shared Files\CTAudSvc.exec:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exec:\program files (x86)\Common Files\Motive\McciCMService.exec:\program files (x86)\Mil Incorporated\Mil Shield\ShieldService.exec:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exec:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exec:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe.**************************************************************************.Completion time: 2012-08-08 14:04:09 - machine was rebootedComboFix-quarantined-files.txt 2012-08-08 19:04ComboFix2.txt 2012-08-08 06:05.Pre-Run: 369,526,018,048 bytes freePost-Run: 369,375,453,184 bytes free.- - End Of File - - CFCF20F0A4DDA51859904A056BB9D131 Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582437 Share Posted August 8, 2012 .DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30Run by James at 14:14:03 on 2012-08-08Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5374 [GMT -5:00].AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files\Dell\DellDock\DockLogin.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\NVIDIA Corporation\Display\NvXDSync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Windows\SysWOW64\svchost.exe -k AkamaiC:\Apache\bin\httpd.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Apache\bin\httpd.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\CrashPlan\CrashPlanService.exeC:\Program Files (x86)\Common Files\Motive\McciCMService.exeC:\Program Files\Common Files\Motive\McciCMService.exeC:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exeC:\Program Files (x86)\Mil Incorporated\Mil Shield\ShieldService.exeC:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exec:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeC:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exeC:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exeC:\MYSQL\bin\mysqld.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exec:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exeC:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXEC:\Windows\system32\conhost.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exeC:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exeC:\Users\James\AppData\Local\Akamai\netsession_win.exeC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXEC:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exeC:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exeC:\Program Files (x86)\CMS Peripherals\BounceBack Express\BBLauncher.exeC:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exeC:\Users\James\AppData\Local\Akamai\netsession_win.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\CrashPlan\CrashPlanTray.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exeC:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exeC:\Apache\bin\ApacheMonitor.exeC:\Program Files\Dell\DellDock\DellDock.exeC:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exeC:\Windows\System32\svchost.exe -k swprvc:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdhost.exeC:\Windows\system32\conhost.exeC:\Windows\system32\WUDFHost.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Windows\system32\sppsvc.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://google.com/uInternet Settings,ProxyOverride = <local>;*.localBHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dllBHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622015142.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllBHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllTB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllTB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileTB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileTB: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No FileuRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quietuRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorunuRun: [Akamai NetSession Interface] "C:\Users\James\AppData\Local\Akamai\netsession_win.exe"uRun: [MilShieldSlave] "C:\Program Files (x86)\Mil Incorporated\Mil Shield\ShieldWorker.exe" -logonuRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeuRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exemRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /rmRun: [sPIRunE] Rundll32 SPIRunE.dll,RunDLLEntrymRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /mmRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exemRun: [bounceBack Setup] "C:\Program Files (x86)\CMS Peripherals\BounceBack Express\AppLaunch.exe" /LaunchitmRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun: [RegistryQuick.exe] C:\Program Files (x86)\RegQuick\RegistryQuick.exemRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exemRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"mRun: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXEStartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exeStartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VDOWNL~1.LNK - C:\Program Files (x86)\VDownloader\VDownloader.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~1.LNK - C:\Windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEA~2.LNK - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOUNCE~1.LNK - C:\Program Files (x86)\CMS Peripherals\BounceBack Express\BBLauncher.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files (x86)\CrashPlan\CrashPlanTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Apache\bin\ApacheMonitor.exemPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLLTrusted Zone: mesquiteisd.orgTrusted Zone: mesquiteisd.org\elearn2Trusted Zone: mesquiteisd.org\wwwTrusted Zone: twixt.us\beDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cabTCP: DhcpNameServer = 192.168.1.254TCP: Interfaces\{68CF1513-A706-4EF5-A048-F4BDFF7B2011} : DhcpNameServer = 192.168.1.254Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllBHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dllBHO-X64: McAfee Phishing Filter - No FileBHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO-X64: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dllBHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120622015142.dllBHO-X64: scriptproxy - No FileBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllBHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLBHO-X64: URLRedirectionBHO - No FileBHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllTB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dllTB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dllTB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileTB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileTB-X64: {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - No FilemRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exemRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /rmRun-x64: [sPIRunE] Rundll32 SPIRunE.dll,RunDLLEntrymRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /mmRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exemRun-x64: [bounceBack Setup] "C:\Program Files (x86)\CMS Peripherals\BounceBack Express\AppLaunch.exe" /LaunchitmRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun-x64: [RegistryQuick.exe] C:\Program Files (x86)\RegQuick\RegistryQuick.exemRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttraymRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun-x64: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exemRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"mRun-x64: [Adobe_ID0EYTHM] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE.================= FIREFOX ===================.FF - ProfilePath - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\72zwrn9e.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}FF - prefs.js: browser.search.selectedEngine - Search ResultsFF - prefs.js: browser.startup.homepage - hxxp://www.google.comFF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z045&form=ZGAADF&q=FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.comFF - Ext: MacOSX Theme: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} - %profile%\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}FF - Ext: Firefox Accessibility Extension: accessext@cita.uiuc.edu - %profile%\extensions\accessext@cita.uiuc.eduFF - Ext: Fangs: {21D01944-2878-4eb3-A72A-83E8D1E6D4A6} - %profile%\extensions\{21D01944-2878-4eb3-A72A-83E8D1E6D4A6}FF - Ext: Juicy Studio Colour Contrast Analyser: {34c51bf3-5fb2-4799-8cca-d5b8567cf7ef} - %profile%\extensions\{34c51bf3-5fb2-4799-8cca-d5b8567cf7ef}FF - Ext: YSlow: yslow@yahoo-inc.com - %profile%\extensions\yslow@yahoo-inc.comFF - Ext: Firecookie: firecookie@janodvarko.cz - %profile%\extensions\firecookie@janodvarko.czFF - Ext: FirePHP: FirePHPExtension-Build@firephp.org - %profile%\extensions\FirePHPExtension-Build@firephp.orgFF - Ext: Pixel Perfect: pixelperfectplugin@openhouseconcepts.com - %profile%\extensions\pixelperfectplugin@openhouseconcepts.comFF - Ext: FireRainbow: firerainbow@hildebrand.cz - %profile%\extensions\firerainbow@hildebrand.czFF - Ext: CodeBurner for Firebug: firebug@tools.sitepoint.com - %profile%\extensions\firebug@tools.sitepoint.comFF - Ext: Font Finder: fontfinder@bendodson.com - %profile%\extensions\fontfinder@bendodson.comFF - Ext: SomotoToolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - %profile%\extensions\{c3721e85-f0ac-4b7e-ae4c-3e738011dc9d}FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}FF - Ext: Cache Status: cache@status.org - %profile%\extensions\cache@status.orgFF - Ext: VDownloader: support@vdownloader.com - C:\Program Files (x86)\VDownloader\Addons\FireFox.============= SERVICES / DRIVERS ===============.R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]R2 Apache2.2;Apache2.2;C:\Apache\bin\httpd.exe [2010-7-30 24645]R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2012-3-26 222720]R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]R2 Freedom Scientific Kernel Manager {D2B4C7A7-7605-4039-89E4-DE5CC69BBE9D};Freedom Scientific Kernel Manager;\??\C:\Windows\system32\fsKMgr.dll --> C:\Windows\system32\fsKMgr.dll [?]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-13 655944]R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-3-25 517632]R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-4 249936]R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-9-1 199272]R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-9-1 210584]R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-9-1 162192]R2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-7-10 214040]R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2009-3-30 2075480]R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]R3 fsvidmir;fsvidmir;C:\Windows\system32\DRIVERS\fsvidmir.sys --> C:\Windows\system32\DRIVERS\fsvidmir.sys [?]R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-7-10 34840]R3 t3;Sound Blaster X-Fi Xtreme Audio;C:\Windows\system32\drivers\t3.sys --> C:\Windows\system32\drivers\t3.sys [?]R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [?]R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys [?]R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys [?]R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys [?]R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-28 136176]S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-5 250056]S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-11-18 79360]S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-11-18 79360]S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-28 136176]S3 hitmanpro36;Hitman Pro 3.5 Support Driver;\??\C:\Windows\system32\drivers\hitmanpro36.sys --> C:\Windows\system32\drivers\hitmanpro36.sys [?]S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 61976]S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?].=============== File Associations ===============..scr=DWGTrueViewScriptFile.=============== Created Last 30 ================.2012-08-08 18:58:18 -------- d-sh--w- C:\$RECYCLE.BIN2012-08-08 18:45:21 98816 ----a-w- C:\Windows\sed.exe2012-08-08 18:45:21 518144 ----a-w- C:\Windows\SWREG.exe2012-08-08 18:45:21 256000 ----a-w- C:\Windows\PEV.exe2012-08-08 18:45:21 208896 ----a-w- C:\Windows\MBR.exe2012-07-27 04:45:59 -------- d-----w- C:\Users\James\AppData\Local\{FCFA949C-1AB2-4A3C-9465-AC141C3969D6}2012-07-27 04:45:45 -------- d-----w- C:\Users\James\AppData\Local\{DC044F9B-11F0-47A9-AC72-2CEB4ADF6435}2012-07-22 06:02:38 30496 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys2012-07-22 05:47:41 -------- d-----w- C:\ProgramData\HitmanPro2012-07-22 05:46:29 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%2012-07-22 02:43:16 -------- d-----w- C:\ProgramData\225932DF004DBD4017751010F875F0022012-07-15 21:31:51 -------- d-----w- C:\Users\James\AppData\Roaming\ts3overlay2012-07-15 21:30:11 -------- d-----w- C:\Users\James\AppData\Roaming\TS3Client2012-07-15 21:27:12 -------- d-----w- C:\Users\James\AppData\Local\TeamSpeak 3 Client2012-07-13 16:07:47 -------- d-----w- C:\Users\James\AppData\Local\Macromedia2012-07-12 15:35:10 -------- d-----w- C:\ProgramData\ALM2012-07-12 15:19:45 28248 ----a-r- C:\Windows\SysWow64\AdobePDF.dll2012-07-12 06:32:52 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared2012-07-12 06:17:33 -------- d-----w- C:\Program Files (x86)\NCH Software2012-07-11 08:14:42 3148800 ----a-w- C:\Windows\System32\win32k.sys2012-07-11 05:22:50 2004480 ----a-w- C:\Windows\System32\msxml6.dll2012-07-11 05:21:57 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2012-07-11 05:21:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2012-07-11 05:21:38 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll2012-07-11 05:21:37 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll2012-07-11 05:21:34 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll2012-07-11 05:21:33 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll2012-07-11 05:21:31 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll2012-07-11 05:21:26 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll2012-07-11 05:21:19 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll2012-07-11 05:21:19 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll2012-07-11 05:21:13 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll2012-07-11 05:21:05 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll2012-07-11 05:20:59 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll2012-07-11 05:20:52 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll2012-07-11 05:20:49 1133568 ----a-w- C:\Windows\System32\cdosys.dll2012-07-11 04:58:36 -------- d-----w- C:\ProgramData\FLEXnetold22012-07-11 04:26:20 -------- d-----w- C:\Users\James\AdobeLicensingFilesBackup2012-07-10 05:42:55 -------- d-----w- C:\Users\James\AppData\Local\{C755F6FD-F53B-4054-960A-771076AA9730}2012-07-10 05:42:32 -------- d-----w- C:\Users\James\AppData\Local\{F117CB5E-8EB0-4552-8049-05BFA61F9077}2012-07-10 05:33:44 -------- d-----w- C:\Windows\en2012-07-10 05:29:08 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll2012-07-10 05:27:01 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DSETUP.dll2012-07-10 05:27:01 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\DXSETUP.exe2012-07-10 05:27:01 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\a165685d1cd5e5c03\dsetup32.dll2012-07-10 04:05:46 -------- d-----w- C:\Users\James\AppData\Local\MPlayer2012-07-10 03:59:31 -------- d-----w- C:\Users\James\.dvdcss2012-07-10 03:59:30 -------- d-----w- C:\Users\James\fontconfig2012-07-10 03:58:05 -------- d-----w- C:\Program Files (x86)\SnowFox Software.==================== Find3M ====================.2012-08-03 07:22:15 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2012-08-03 07:22:15 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll2011-09-16 20:12:04 143240 ----a-w- C:\Program Files (x86)\Common Files\ApnStub.exe2010-01-26 16:11:08 444283 ----a-w- C:\Program Files (x86)\Common Files\WinPcapNmap.exe.============= FINISH: 14:14:48.67 =============== Link to post Share on other sites More sharing options...
jamesost Posted August 8, 2012 Author ID:582438 Share Posted August 8, 2012 Not sure you need the attach file but just in case here you go! Thank you for the help!.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2Install Date: 11/21/2009 10:45:59 PMSystem Uptime: 8/8/2012 2:05:43 PM (0 hours ago).Motherboard: Dell Inc. | | 0X231RProcessor: Intel® Core i7 CPU 860 @ 2.80GHz | CPU 1 | 2793/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 684 GiB total, 344.111 GiB free.D: is CDROM ()E: is CDROM ()F: is RemovableG: is RemovableH: is RemovableI: is RemovableN: is RemovableO: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP438: 8/8/2012 12:36:59 AM - ComboFix created restore pointRP439: 8/8/2012 1:10:06 AM - Restore Operation.==== Installed Programs ======================. Update for Microsoft Office 2007 (KB2508958)Acrobat.comAdd or Remove Adobe Creative Suite 3 Web PremiumAdobe Acrobat 8 ProfessionalAdobe AIRAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe BridgeTalk Plugin CS3Adobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Contribute CS3Adobe Creative Suite 3 Web PremiumAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Fireworks CS3Adobe Flash CS3Adobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS3Adobe Linguistics CS3Adobe MotionPicture Color FilesAdobe PDF Library FilesAdobe Photoshop CS3Adobe Reader 9.3Adobe SetupAdobe Shockwave Player 11.5Adobe Stock Photos CS3Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe Version Cue CS3 ServerAdobe WAS CS3Adobe WinSoft Linguistics PluginAdobe XMP Panels CS3AHV content for Acrobat and FlashAimersoft DRM Media Converter(Build 1.4.7.2)AimOne Video Joiner 1.35AimOne Video Splitter 1.42Akamai NetSession InterfaceAkamai NetSession Interface ServiceApache HTTP Server 2.2.16Apple Application SupportApple Software UpdateAT&T U-verse SetupAutoBookmark Standard Plug-In, v. 4.0 (TRIAL VERSION)BookSmart® 2.9.4 2.9.4Camtasia Studio 7Consumer In-Home Service AgreementCopyTrans Suite Remove OnlyCoupon Printer for WindowsCreative Audio Control PanelCreative Software AutoUpdateCreative Sound Blaster Properties x64 EditionCrystal Reports Basic for Visual Studio 2008D3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell DataSafe OnlineDell Getting Started GuideDirectXInstallServiceDoxillion Document ConverterEMC 10 ContentFileZilla Client 3.5.3Font Management SystemFormatFactory 2.60FrapsFreedom Scientific Synthesizer EloquenceGameSpy ArcadeGoogle ChromeGoogle Toolbar for Internet ExplorerGoogle Update HelperHandBrake 0.9.5Host OpenALHotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2538241)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971091)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971092)Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973674)Java Auto UpdaterJava 6 Update 30Junk Mail filter updateLet's Clean Up! PlusMalwarebytes Anti-Malware version 1.62.0.1300Market SamuraiMcAfee Security Scan PlusMcAfee SecurityCenterMicrosoft .NET Compact Framework 2.0 SP2Microsoft .NET Compact Framework 3.5Microsoft .NET Framework 1.1Microsoft Access 2010 Runtime Service Pack 1 (SP1)Microsoft Access Runtime 2010Microsoft Document Explorer 2008Microsoft HaloMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Runtime 2010Microsoft Office Access Runtime MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office Home and Student 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)Microsoft Office Ultimate 2007Microsoft Office Visual Web Developer 2007Microsoft Office Visual Web Developer MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft SQL Server 2005Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)Microsoft SQL Server 2005 Tools Express EditionMicrosoft SQL Server 2008 Books Online (English)Microsoft SQL Server 2008 BrowserMicrosoft SQL Server 2008 Management ObjectsMicrosoft SQL Server 2008 PoliciesMicrosoft SQL Server Compact 3.5 for Devices ENUMicrosoft SQL Server Compact 3.5 SP1 Design Tools EnglishMicrosoft SQL Server Compact 3.5 SP1 EnglishMicrosoft SQL Server Compact 3.5 SP1 Query Tools EnglishMicrosoft SQL Server Database Publishing Wizard 1.3Microsoft SQL Server Setup Support Files (English)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual Studio 2005 Tools for Office RuntimeMicrosoft Visual Studio 2008 Professional Edition - ENUMicrosoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140)Microsoft Visual Studio 2008 Remote Debugger - ENU Service Pack 1 (KB945140)Microsoft Visual Studio 2008 Shell (integrated mode) - ENUMicrosoft Visual Studio Tools for Applications 2.0 - ENUMicrosoft Visual Studio Web Authoring ComponentMil ShieldMozilla Firefox (3.6.25)MSDN Library for Visual Studio 2008 - ENUMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKMultimedia Card ReaderNCH FileBulldog ToolbarNotepad++NVIDIA PhysXNVIDIA Stereoscopic 3D DriverOctoshape add-in for Adobe Flash PlayerOpera 12.00PDF SettingsPowerDVD DXQuickTimeRoxio Activation ModuleRoxio BackOnTrackRoxio Central AudioRoxio Central CopyRoxio Central CoreRoxio Central DataRoxio Central ToolsRoxio Easy CD and DVD BurningRoxio Express Labeler 3Roxio Update ManagerSafariSecurity Update for 2007 Microsoft Office System (KB2288621)Security Update for 2007 Microsoft Office System (KB2584063)Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598039) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit EditionSecurity Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2251487)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB2669970)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972222)Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973675)Sentinel System Driver Installer 7.5.0SmartFTP Client Setup Files 4.0 (x64) (remove only)SnowFox DVD & Video Converter 3.0.1.0Sonic CinePlayer Decoder PackSound Blaster X-FiSQL Server System CLR TypesSwitch Sound File ConverterTeamSpeak 3 ClientTotal Validator ToolTune4win M4V Converter 1.0.4Update for 2007 Microsoft Office System (KB2284654)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 System (KB2539530)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597091) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update for Microsoft OneNote 2010 (KB2589345) 32-Bit EditionUpdate for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221)Update for Microsoft Visual Studio Web Authoring Component (KB945140)VC Runtimes MSIVDownloader 3.8.985Visual C++ 2008 IA64 Runtime - (v9.0.30729)Visual C++ 2008 IA64 Runtime - v9.0.30729.01Visual C++ 2008 x64 Runtime - (v9.0.30729)Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)Visual C++ 2008 x64 Runtime - (v9.0.30729.6161)Visual C++ 2008 x64 Runtime - v9.0.30729.01Visual C++ 2008 x64 Runtime - v9.0.30729.4148Visual C++ 2008 x64 Runtime - v9.0.30729.6161Visual C++ 2008 x86 Runtime - (v9.0.30729)Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)Visual C++ 2008 x86 Runtime - v9.0.30729.01Visual C++ 2008 x86 Runtime - v9.0.30729.4148Visual C++ 2008 x86 Runtime - v9.0.30729.6161Visual Studio 2005 Tools for Office Second Edition RuntimeVisual Studio Tools for the Office system 3.0 RuntimeVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)WavePad Sound EditorWinAce ArchiverWindows Live Communications PlatformWindows Live EssentialsWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Mobile 5.0 SDK R2 for Pocket PCWindows Mobile 5.0 SDK R2 for SmartphoneWindows Movie Maker 2.6WinPcap 4.1.1WinSCP 4.2.8WinZip 15.5Xfire (remove only)Yahoo! MessengerYahoo! Software UpdateZinio Reader 4.==== Event Viewer Messages From Past Week ========.8/8/2012 2:08:20 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter8/8/2012 2:06:28 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.8/8/2012 12:53:52 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\c:\windows\erdnt\subs\software' was corrupted and it has been recovered. Some data might have been lost.8/8/2012 1:57:35 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.8/8/2012 1:55:42 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.8/8/2012 1:54:48 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.8/8/2012 1:46:02 PM, Error: Service Control Manager [7034] - The MilShieldCleaner service terminated unexpectedly. It has done this 1 time(s).8/8/2012 1:45:06 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.8/8/2012 1:34:15 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.8/8/2012 1:19:57 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-21470248918/8/2012 1:19:57 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-21470248918/8/2012 1:18:58 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.8/8/2012 1:18:55 AM, Error: Service Control Manager [7022] - The IPsec Policy Agent service hung on starting.8/8/2012 1:16:44 AM, Error: Service Control Manager [7016] - The IPsec Policy Agent service has reported an invalid current state 0.8/8/2012 1:09:42 AM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@010100048/5/2012 9:18:14 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user James-PC\James SID (S-1-5-21-2482222888-3877877194-96238860-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.8/5/2012 9:18:13 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user James-PC\James SID (S-1-5-21-2482222888-3877877194-96238860-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.8/5/2012 8:39:42 AM, Error: Service Control Manager [7001] - The SQL Server Agent (MSSQLSERVER) service depends on the SQL Server (MSSQLSERVER) service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.8/5/2012 8:39:34 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.8/5/2012 8:39:26 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (MSSQLSERVER) service to connect.8/5/2012 8:39:26 AM, Error: Service Control Manager [7000] - The SQL Server (MSSQLSERVER) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.8/5/2012 8:38:52 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server Integration Services 10.0 service to connect.8/5/2012 8:38:52 AM, Error: Service Control Manager [7000] - The SQL Server Integration Services 10.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.8/5/2012 8:38:14 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed..==== End Of File =========================== Link to post Share on other sites More sharing options...
jamesost Posted August 9, 2012 Author ID:582582 Share Posted August 9, 2012 Ok nm my dell dock bar came back after another reboot. Also, the game connection problem seems to have stopped and another problem I forgot to mention (my mcafee firewall wouldnt turn on) has also stopped. I can turn it on now. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 10, 2012 Staff ID:583416 Share Posted August 10, 2012 Great news!Run TFC by OldTimer to clear temporary files:Please download TFC from here and save it to your desktop.Close any open programs and Internet browsers.Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.Please be patient as clearing out temp files may take a while.Once it completes you may be prompted to restart your computer, please do so.Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.Download the file TDSSKiller.zip and extract it into a folder on the infected PC.Execute the file TDSSKiller.exe by double-clicking on it.Wait for the scan and disinfection process to be over.When its work is over, the utility prompts for a reboot to complete the disinfection.By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).The log is like UtilityName.Version_Date_Time_log.txt.for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.Please post that log here.Next, please run a free online scan with the ESET Online ScannerNote: You will need to use Internet Explorer for this scan.Tick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the ActiveX control to installClick StartMake sure that the options Remove found threats and the option Scan unwanted applications is checkedClick ScanWait for the scan to finishExport the threats found (if any), and post them here.Next, please download AdwCleaner by Xplode onto your Desktop.Double click on AdwCleaner.exe to run the tool.Click on Search.A logfile will automatically open after the scan has finished.Please post the content of that logfile in your reply.You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.Next, download my Security Check from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Let me know how things are running now and what issues remain.-screen317 Link to post Share on other sites More sharing options...
jamesost Posted August 14, 2012 Author ID:585072 Share Posted August 14, 2012 I havent forgotten about you! haha. I'm just dealing with a litter of 13 german shepherd puppies at the moment and will put up these logs as soon as I can do them....sometime this week. Thank you very much. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 17, 2012 Staff ID:586390 Share Posted August 17, 2012 Wow cool! Congratulations! Take your time with the logs. Link to post Share on other sites More sharing options...
Staff screen317 Posted August 30, 2012 Staff ID:591507 Share Posted August 30, 2012 Are you still with us? This topic will be closed in a few days if we do not hear back from you. Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 9, 2012 ID:595251 Share Posted September 9, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts