becca3783 Posted August 24, 2012 ID:589628 Share Posted August 24, 2012 My computer is running really slow. I ran malwarebytes. Cleaned what it told me too.. Had to restart and when I did, a window popped up with C:\Windows\SysWOW64\rundll32.exe missing entry:Fq10. Now I can't even seem to get online Link to post Share on other sites More sharing options...
MrCharlie Posted August 24, 2012 ID:589633 Share Posted August 24, 2012 Welcome to the forum, can you post the log from Malwarebytes.Then please start at the link below:http://forums.malwar...?showtopic=9573Post back the 2 logs here.....DDS.txt and Attach.txt<====><====><====><====><====><====><====><====>Next.......Please remove any usb or external drives from the computer before you run this scan!Please download and run RogueKiller to your desktop.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.Click Scan to scan the system.When the scan completes > Close out the program > Don't Fix anything!Don't run any other options, they're not all bad!!!!!!!Post back the report which should be located on your desktop.MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589639 Share Posted August 24, 2012 Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4931Windows 6.1.7600Internet Explorer 8.0.7600.1638510/24/2010 12:02:16 AMmbam-log-2010-10-24 (00-02-16).txtScan type: Full scan (C:\|)Objects scanned: 289484Time elapsed: 45 minute(s), 27 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 24Registry Values Infected: 17Registry Data Items Infected: 5Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.Registry Values Infected:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\5 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\11 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\13 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\14 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\12 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\7 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\10 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\9 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\8 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\15 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\6 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\2 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\0 (Security.Hijack) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\srs_it_e8790571bc765f573ea893 (Malware.Trace) -> Quarantined and deleted successfully.Registry Data Items Infected:HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=302&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=302&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=302&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=302&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://findgala.com/?&uid=302&q={searchTerms}) Good: (http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Quarantined and deleted successfully.Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589640 Share Posted August 24, 2012 Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4943Windows 6.1.7600Internet Explorer 8.0.7600.1638510/25/2010 12:40:54 PMmbam-log-2010-10-25 (12-40-54).txtScan type: Full scan (C:\|)Objects scanned: 294511Time elapsed: 48 minute(s), 42 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589643 Share Posted August 24, 2012 I have no internet access on my computer right now, So it won't let me do the other things. I've had to copy the reports and post them on another computer Link to post Share on other sites More sharing options...
MrCharlie Posted August 24, 2012 ID:589647 Share Posted August 24, 2012 Do you have a good system restore point, you can try that.If not......Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:Internet ServicesWindows FirewallSystem RestoreSecurity CenterWindows UpdateWindows Defender[*]Press "Scan".[*]It will create a log (FSS.txt) in the same directory the tool is run.[*]Please copy and paste the log to your reply.MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589648 Share Posted August 24, 2012 I tried restoring it. That didn't work. And I can't get it online to download that scanner. Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589651 Share Posted August 24, 2012 Farbar Service Scanner Version: 06-08-2012Ran by Becky (administrator) on 24-08-2012 at 14:30:49Running from "D:\Download"Microsoft Windows 7 Home Premium (X64)Boot Mode: Normal****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Google.com is accessible.Yahoo IP is accessible.Yahoo.com is accessible.Windows Firewall:=============Firewall Disabled Policy:==================System Restore:============System Restore Disabled Policy:========================Action Center:============Windows Update:============Windows Autoupdate Disabled Policy:============================Windows Defender:==============WinDefend Service is not running. Checking service configuration:The start type of WinDefend service is set to Demand. The default start type is Auto.The ImagePath of WinDefend service is OK.The ServiceDll of WinDefend service is OK.Windows Defender Disabled Policy:==========================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]"DisableAntiSpyware"=DWORD:1Other Services:==============File Check:========C:\Windows\System32\nsisvc.dll => MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys => MD5 is legitC:\Windows\System32\dhcpcore.dll => MD5 is legitC:\Windows\System32\drivers\afd.sys[2012-02-17 00:54] - [2011-12-27 22:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422EC:\Windows\System32\drivers\tdx.sys => MD5 is legitC:\Windows\System32\Drivers\tcpip.sys[2012-05-09 03:51] - [2012-03-30 06:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0C:\Windows\System32\dnsrslvr.dll => MD5 is legitC:\Windows\System32\mpssvc.dll[2009-07-13 19:09] - [2009-07-13 20:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3C:\Windows\System32\bfe.dll => MD5 is legitC:\Windows\System32\drivers\mpsdrv.sys => MD5 is legitC:\Windows\System32\SDRSVC.dll[2009-07-13 18:36] - [2009-07-13 20:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5C:\Windows\System32\vssvc.exe => MD5 is legitC:\Windows\System32\wscsvc.dll => MD5 is legitC:\Windows\System32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\System32\wuaueng.dll => MD5 is legitC:\Windows\System32\qmgr.dll => MD5 is legitC:\Windows\System32\es.dll => MD5 is legitC:\Windows\System32\cryptsvc.dll[2012-06-13 15:13] - [2012-04-24 00:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396DC:\Program Files\Windows Defender\MpSvc.dll => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legit**** End of log **** Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589654 Share Posted August 24, 2012 RogueKiller V7.6.6 [08/10/2012] by Tigzymail: tigzyRK<at>gmail<dot>comFeedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/Blog: http://tigzyrk.blogspot.comOperating System: Windows 7 (6.1.7600 ) 64 bits versionStarted in : Normal modeUser: Becky [Admin rights]Mode: Scan -- Date: 08/24/2012 13:06:39¤¤¤ Bad processes: 0 ¤¤¤¤¤¤ Registry Entries: 7 ¤¤¤[sUSP PATH] CandyUpdater.job @ : C:\Users\Becky\AppData\Local\ArcadeCandy\candyUpdater.exe -> FOUND[sUSP PATH] CandyUpdater.job @ : C:\Users\Becky\AppData\Local\ArcadeCandy\candyUpdater.exe -> FOUND[HJPOL] HKCU\[...]\Policies\Explorer\Explorer : DisallowRun (1) -> FOUND[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver: [NOT LOADED] ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤98.142.243.60 google.com98.142.243.60 google.com.au98.142.243.60 www.google.com.au98.142.243.60 google.be98.142.243.60 www.google.be98.142.243.60 google.com.br98.142.243.60 www.google.com.br98.142.243.60 google.ca98.142.243.60 www.google.ca98.142.243.60 google.ch98.142.243.60 www.google.ch98.142.243.60 google.de98.142.243.60 www.google.de98.142.243.60 google.dk98.142.243.60 www.google.dk98.142.243.60 google.fr98.142.243.60 www.google.fr98.142.243.60 google.ie98.142.243.60 www.google.ie98.142.243.60 google.it[...] Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589657 Share Posted August 24, 2012 .DDS (Ver_2011-08-26.01) - NTFSAMD64Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31Run by Becky at 14:45:26 on 2012-08-24Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6111.3852 [GMT -5:00].AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeC:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exeC:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exeC:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXEC:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exeC:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exeC:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exeC:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exeC:\Windows\system32\Dwm.exeC:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exeC:\Windows\system32\taskeng.exeC:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exeC:\Windows\SysWOW64\DllHost.exeC:\Windows\Explorer.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exeC:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exeC:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exeC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exeC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\WUDFHost.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Windows\System32\ico.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Windows\System32\FSRremoS.EXEC:\Program Files (x86)\uTorrent\uTorrent.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\System32\spool\drivers\x64\3\E_YATIHWA.EXEC:\Users\Becky\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\Sony\VAIO Care\VCsystray.exeC:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exeC:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exeC:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Windows NT\Accessories\wordpad.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exeC:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exeC:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exeC:\Windows\system32\DllHost.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files\Sony\VAIO Power Management\SPMService.exeC:\Program Files\Sony\VAIO Power Management\SPMgr.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\system32\wuauclt.exeC:\Users\Becky\Downloads\RogueKiller.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\system32\vssvc.exec:\windows\SysWOW64\notepad.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exe.============== Pseudo HJT Report ===============.uSearch Page =uStart Page = hxxp://www.google.com/uSearch Bar = PreservemDefault_Page_URL = hxxp://www.yahoo.commSearchAssistant =mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80229uURLSearchHooks: H - No FileuURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dllmURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dllmURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dllBHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Gamers Unite! Snag Bar BHO: {26a7ca19-7d58-411d-b2da-f1b0324cbffc} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dllBHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dllBHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dllBHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\Partner.dllBHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dllBHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO: ArcadeCandy Games: {ab6bd08c-db6b-4f02-8a22-4bd343e990ff} - C:\Users\Becky\AppData\Local\ArcadeCandy\candyEX.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dllBHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllTB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dllTB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dllTB: Gamers Unite! Snag Bar: {25515a79-c1c7-4b97-97f8-31a711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"TB: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dllTB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dlluRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exeuRun: [Facebook Update] "C:\Users\Becky\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserveruRun: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 545"uRun: [spotify Web Helper] "C:\Users\Becky\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"mRun: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartupmRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumemRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun: [sUPERDVR] "C:\Program Files (x86)\SuperDVR\SuperDVR\SuperDVR.EXE" <AUTORUN>mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\Users\Becky\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ctfmon.lnk - C:\Windows\System32\rundll32.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exeuPolicies-explorer: DisallowRun = 1 (0x1)mPolicies-explorer: NoActiveDesktop = 1 (0x1)mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLLTrusted Zone: mozilla.com\wwwTrusted Zone: youtube.com\wwwDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://www.shockwave.com/content/cookingdash/sis/CookingDashWeb.1.0.0.9.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cabDPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabTCP: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100TCP: Interfaces\{3BAB5AC4-0DD3-4A44-A593-140DCA105662} : DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100TCP: Interfaces\{3BAB5AC4-0DD3-4A44-A593-140DCA105662}\16474777966696 : DhcpNameServer = 192.168.6.1 64.134.255.2 64.134.255.10TCP: Interfaces\{3BAB5AC4-0DD3-4A44-A593-140DCA105662}\2456C6B696E6E233330364 : DhcpNameServer = 192.168.2.1TCP: Interfaces\{3BAB5AC4-0DD3-4A44-A593-140DCA105662}\3484021405023554 : DhcpNameServer = 192.168.1.1TCP: Interfaces\{3BAB5AC4-0DD3-4A44-A593-140DCA105662}\671627E61646F6 : DhcpNameServer = 24.159.64.23 97.81.22.195 66.189.0.100TCP: Interfaces\{5DBFBD58-DD01-4EFB-BBA9-EB13D11E42A6} : DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllNotify: VESWinlogon - VESWinlogon.dllmASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCacheIFEO: image file execution options - svchost.exeBHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dllBHO-X64: 0x1 - No FileBHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO-X64: AcroIEHelperStub - No FileBHO-X64: Gamers Unite! Snag Bar BHO: {26A7CA19-7D58-411D-B2DA-F1B0324CBFFC} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dllBHO-X64: FCTBPos00Pos - No FileBHO-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dllBHO-X64: Conduit Engine - No FileBHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dllBHO-X64: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dllBHO-X64: Partner BHO Class: {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dllBHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO-X64: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dllBHO-X64: PageRage - No FileBHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllBHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllBHO-X64: ArcadeCandy Games: {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\Becky\AppData\Local\ArcadeCandy\candyEX.dllBHO-X64: ArcadeCandy Games - No FileBHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dllBHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dllBHO-X64: Yontoo Layers - No FileBHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dllTB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dllTB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllTB-X64: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn0.dllTB-X64: Gamers Unite! Snag Bar: {25515A79-C1C7-4B97-97F8-31A711694487} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Toolbar.dllTB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"TB-X64: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dllTB-X64: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dllmRun-x64: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartupmRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resumemRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimemRun-x64: [sUPERDVR] "C:\Program Files (x86)\SuperDVR\SuperDVR\SuperDVR.EXE" <AUTORUN>mRun-x64: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"mRun-x64: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"mRun-x64: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htmIFEO-X64: image file execution options - svchost.exeHosts: 98.142.243.60 google.comHosts: 98.142.243.60 google.com.auHosts: 98.142.243.60 www.google.com.auHosts: 98.142.243.60 google.beHosts: 98.142.243.60 www.google.be.Note: multiple HOSTS entries found. Please refer to Attach.txt.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Becky\AppData\Roaming\Mozilla\Firefox\Profiles\yg91zfvj.default\FF - prefs.js: browser.search.selectedEngine - Search the WebFF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hpFF - prefs.js: keyword.URL - hxxp://ws.infospace.com/gamers_tbar/ws/redir?_iceUrl=true&user_id=70848433&tool_id=62781&qkw=FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\LivingPlay\nplplaypop.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\Becky\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dllFF - plugin: C:\Users\Becky\AppData\Roaming\Facebook\npfbplugin_1_0_3.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll.---- FIREFOX POLICIES ----FF - user.js: yahoo.ytff.general.dontshowhpoffer - true============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]R2 MotoConnect Service;MotoConnect Service;C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [2010-9-22 91456]R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-9-4 189984]R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]R2 TeamViewer5;TeamViewer 5;C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-7-6 173352]R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-9-8 104960]R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-9-8 411496]R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-7-22 642920]R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]R3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?]R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\androidusb.sys --> C:\Windows\system32\Drivers\androidusb.sys [?]S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\system32\DRIVERS\motfilt.sys --> C:\Windows\system32\DRIVERS\motfilt.sys [?]S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\system32\DRIVERS\motccgp.sys --> C:\Windows\system32\DRIVERS\motccgp.sys [?]S3 motccgpfl;MotCcgpFlService;C:\Windows\system32\DRIVERS\motccgpfl.sys --> C:\Windows\system32\DRIVERS\motccgpfl.sys [?]S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\system32\DRIVERS\Motousbnet.sys --> C:\Windows\system32\DRIVERS\Motousbnet.sys [?]S3 motport;Motorola USB Diagnostic Port;C:\Windows\system32\DRIVERS\motport.sys --> C:\Windows\system32\DRIVERS\motport.sys [?]S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\system32\DRIVERS\motusbdevice.sys --> C:\Windows\system32\DRIVERS\motusbdevice.sys [?]S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2009-9-8 332272]S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2009-9-8 167424]S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-9-8 120104]S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-9-8 70952]S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-9-8 427304]S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-9-8 75048]S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-9-8 91432]S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-9-8 468264]S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-9-8 357672]S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-9-8 110888]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2012-08-24 17:56:28 9133488 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49A2F6C1-CA6A-4B45-9B88-500E35A21D0F}\mpengine.dll2012-08-20 13:28:03 9133488 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2012-08-16 08:01:12 552448 ----a-w- C:\Windows\System32\drivers\bthport.sys2012-08-15 07:29:15 483328 ----a-w- C:\Users\Becky\AppData\Local\muslch.exe2012-08-15 04:22:01 503808 ----a-w- C:\Windows\System32\srcore.dll2012-08-15 04:22:01 43008 ----a-w- C:\Windows\SysWow64\srclient.dll2012-08-15 04:21:58 58880 ----a-w- C:\Windows\System32\browcli.dll2012-08-15 04:21:58 41472 ----a-w- C:\Windows\SysWow64\browcli.dll2012-08-15 04:21:57 136704 ----a-w- C:\Windows\System32\browser.dll2012-08-15 04:21:56 751104 ----a-w- C:\Windows\System32\win32spl.dll2012-08-15 04:21:56 67584 ----a-w- C:\Windows\splwow64.exe2012-08-15 04:21:55 559104 ----a-w- C:\Windows\System32\spoolsv.exe2012-08-15 04:21:55 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll2012-08-15 04:21:53 3146752 ----a-w- C:\Windows\System32\win32k.sys2012-08-15 04:21:51 956416 ----a-w- C:\Windows\System32\localspl.dll.==================== Find3M ====================.2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb2012-06-07 01:59:42 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll.============= FINISH: 14:46:15.91 =============== Link to post Share on other sites More sharing options...
MrCharlie Posted August 24, 2012 ID:589662 Share Posted August 24, 2012 If you still can't get online.......Give this a try.........Download and install Complete Internet Repair (it will just install to a folder)http://www.datum-for...ownloads/?did=4Open up the folder and run CIntRep.exePut check marks in the first 4 boxesNow Hit GoWhen done > RebootSee if it works now.MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 24, 2012 Author ID:589674 Share Posted August 24, 2012 Did that. Rebooted, A window popped up again saying I'm missing FQ10. And it still won't go online Link to post Share on other sites More sharing options...
MrCharlie Posted August 24, 2012 ID:589694 Share Posted August 24, 2012 Try safe mode with network support, let me know.....MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 25, 2012 Author ID:589808 Share Posted August 25, 2012 I'm in safe mode with networking. and it's online. Link to post Share on other sites More sharing options...
MrCharlie Posted August 25, 2012 ID:589888 Share Posted August 25, 2012 Read through this and see if any of it works:http://answers.micro...c0-662a70543bc2........also is there any reason you're using an old version of Malwarebytes? MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 25, 2012 Author ID:589950 Share Posted August 25, 2012 Honestly, I didn't realize it was an older version. I haven't been prompted to update it. Link to post Share on other sites More sharing options...
MrCharlie Posted August 25, 2012 ID:589957 Share Posted August 25, 2012 Well don't update it now....I may want you to restore everything.Did you look through the link I gave you?MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 25, 2012 Author ID:589971 Share Posted August 25, 2012 Scan showed nothing. Everything else is fine Link to post Share on other sites More sharing options...
MrCharlie Posted August 25, 2012 ID:589973 Share Posted August 25, 2012 You can get online now?? MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 25, 2012 Author ID:589994 Share Posted August 25, 2012 Only in safe mode Link to post Share on other sites More sharing options...
MrCharlie Posted August 25, 2012 ID:590002 Share Posted August 25, 2012 Did you look through the link I gave you and try the suggestions??MrC Link to post Share on other sites More sharing options...
MrCharlie Posted August 28, 2012 ID:590794 Share Posted August 28, 2012 How are we doing??Do you still need help or can I close this post??MrC Link to post Share on other sites More sharing options...
becca3783 Posted August 28, 2012 Author ID:590976 Share Posted August 28, 2012 Sorry. I did all of that. Ended up taking it somewhere yesterday and got it fixed. Thank you very much. Link to post Share on other sites More sharing options...
Maurice Naggar Posted August 29, 2012 ID:591207 Share Posted August 29, 2012 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts