
Firefox injury



Hi there and thanks for the help.

I posted an earlier topic 2 days ago but have since updated Firefox and a few other things, so please just ignore the old one.

The main problem I am experiencing is that streaming content from Netflix and internet radio will load and play for about a minute then stop. If I reload the page it will continue to play but then again stops after a minute.

Other pages on Firefox, like Yahoo.com and others will either take a long long time to load or just stall and never load.

When I tried to download the newest version of Firefox, it would download 99% of it but never finish. I tried giving the download file a different name and was able to complete the download and install Firefox 5.0.1. I found this fishy and still am having the trouble with streaming playback.

The Malwarebytes scan and the GMER rootkit scan both show 0 infected files.

I hope someone can look at this and maybe offer some advice.

Thank you

DDS (Ver_2011-07-14.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421

Run by Honeybush at 8:00:19 on 2011-07-15

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.436 [GMT -10:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\taskhost.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Freecorder\FLVSrvc.exe

C:\Windows\lightsource\lightSourceTray.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe

C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\agcp.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\explorer.exe

C:\windows\system32\SearchProtocolHost.exe

C:\windows\System32\svchost.exe -k WerSvcGroup

C:\windows\system32\SearchFilterHost.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://www.yahoo.com

mDefault_Page_URL = hxxp://www.yahoo.com

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

mURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Somoto Toolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: FreeSoundRecorder Toolbar: {32B29DF0-2237-4370-9A29-37CEBB730E9B} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

TB: Somoto Toolbar: {c3721e85-f0ac-4b7e-ae4c-3e738011dc9d} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll

TB: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [Google Update] "C:\Users\Honeybush\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [ArcSoft MediaImpression Monitor] C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe

mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

StartupFolder: C:\Users\HONEYB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\HONEYB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Windows\lightsource\lightSourceTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

TCP: NameServer = 192.168.200.1

TCP: Interfaces\{055175FB-9CEC-4BEA-A59A-7A4897DBCDB3} : DHCPNameServer = 192.168.200.1

TCP: Interfaces\{055175FB-9CEC-4BEA-A59A-7A4897DBCDB3}\452554E444E65647 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{055175FB-9CEC-4BEA-A59A-7A4897DBCDB3}\C696E6B6379737 : DHCPNameServer = 24.25.227.55 209.18.47.61 24.25.227.53

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

x64-mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MX6441

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe

x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Honeybush\AppData\Roaming\Mozilla\Firefox\Profiles\3ywwx8rc.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2704262&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll

FF - component: C:\Users\Honeybush\AppData\Roaming\Mozilla\Firefox\Profiles\3ywwx8rc.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\components\RadioWMPCoreGecko19.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Honeybush\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Users\Honeybush\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Honeybush\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2010-10-24 188928]

R1 pctgntdi;pctgntdi;C:\windows\System32\drivers\pctgntdi64.sys [2010-12-11 331368]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-8-15 202752]

R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2011-1-22 20480]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2010-8-15 123320]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2010-8-15 126392]

R2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2010-12-11 287024]

R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atipmdag.sys [2010-8-15 6403072]

R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2010-8-15 188928]

R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2010-8-15 9216]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]

R3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;C:\windows\System32\drivers\pctNdis-PacketFilter64.sys [2010-12-11 119688]

R3 pctNdisMP;PC Tools Driver;C:\windows\System32\drivers\pctNdis64.sys [2010-12-11 79000]

R3 pctplfw;pctplfw;C:\windows\System32\drivers\pctplfw64.sys [2010-12-11 179464]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-8-15 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-17 135664]

S2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-3-9 5352960]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-17 135664]

S3 HDJCtrl;Hercules DJ Control MP3 Service;C:\windows\System32\drivers\HDJCtrl.sys [2011-1-22 28160]

S3 HDJMidi;Hercules DJ Control MP3 MIDI;C:\windows\System32\drivers\HDJMidi.sys [2011-1-22 221184]

S3 NMRKUSBA;Numark USB2 WDM;C:\windows\System32\drivers\nmrkusba.sys [2011-5-2 50240]

S3 NMRKUSBU;Numark USB2 driver;C:\windows\System32\drivers\nmrkusbu.sys [2011-5-2 398912]

S3 pctNdis;PC Tools Firewall Intermediate Filter Service;C:\windows\System32\drivers\pctNdis64.sys [2010-12-11 79000]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-8-15 232992]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-9-19 1255736]

.

=============== Created Last 30 ================

.

2011-07-15 07:33:58 8873296 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5E3767C0-8828-483A-B3B6-82AE4F25CB19}\mpengine.dll

2011-07-15 07:27:02 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C9972D6-F1DB-4088-AAA7-5587857FB11A}\gapaengine.dll

2011-07-15 06:47:59 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2011-07-15 06:47:41 -------- d-----w- C:\Program Files\Microsoft Security Client

2011-07-15 06:41:55 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1017CF3D-FF32-45BF-8ED2-C34C4B4DEB06}\mpengine.dll

2011-07-15 06:38:38 3137536 ----a-w- C:\windows\System32\win32k.sys

2011-07-15 06:38:00 362496 ----a-w- C:\windows\System32\wow64win.dll

2011-07-15 06:38:00 338944 ----a-w- C:\windows\System32\conhost.exe

2011-07-15 06:37:59 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2011-07-15 06:37:59 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2011-07-15 06:37:59 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2011-07-15 06:37:59 243200 ----a-w- C:\windows\System32\wow64.dll

2011-07-15 06:37:59 214528 ----a-w- C:\windows\System32\winsrv.dll

2011-07-15 06:37:59 16384 ----a-w- C:\windows\System32\ntvdm64.dll

2011-07-15 06:37:59 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2011-07-15 06:37:59 13312 ----a-w- C:\windows\System32\wow64cpu.dll

2011-07-15 06:37:58 2048 ----a-w- C:\windows\SysWow64\user.exe

2011-07-10 16:50:38 -------- d-----w- C:\windows\System32\SPReview

2011-07-10 16:48:56 -------- d-----w- C:\windows\System32\EventProviders

2011-07-07 20:31:59 3650560 ----a-w- C:\windows\System32\MSVidCtl.dll

2011-07-07 20:30:59 551936 ----a-w- C:\windows\System32\localsec.dll

2011-07-07 20:29:59 82432 ----a-w- C:\windows\SysWow64\dot3cfg.dll

2011-07-07 20:28:58 4608 ----a-w- C:\windows\System32\drivers\en-US\kbdclass.sys.mui

2011-07-07 20:28:57 6144 ----a-w- C:\windows\System32\drivers\en-US\IPMIDrv.sys.mui

2011-07-07 20:28:45 209920 ----a-w- C:\windows\SysWow64\PkgMgr.exe

2011-07-07 20:28:45 189952 ----a-w- C:\windows\SysWow64\wdscore.dll

2011-07-07 20:28:35 323072 ----a-w- C:\windows\SysWow64\drvstore.dll

2011-07-07 20:28:35 257024 ----a-w- C:\windows\SysWow64\dpx.dll

2011-07-07 20:28:32 606208 ----a-w- C:\windows\SysWow64\wbem\fastprox.dll

2011-07-07 20:28:32 363008 ----a-w- C:\windows\SysWow64\wbemcomn.dll

2011-07-07 20:25:31 529408 ----a-w- C:\windows\System32\wbemcomn.dll

2011-07-07 20:25:31 524288 ----a-w- C:\windows\System32\wmicmiplugin.dll

2011-07-07 20:25:31 1225216 ----a-w- C:\windows\System32\wbem\wbemcore.dll

2011-07-07 20:25:17 933376 ----a-w- C:\windows\System32\SmiEngine.dll

2011-07-07 20:25:11 199168 ----a-w- C:\windows\System32\PkgMgr.exe

2011-07-07 20:24:41 422912 ----a-w- C:\windows\System32\drvstore.dll

2011-07-07 20:24:41 399872 ----a-w- C:\windows\System32\dpx.dll

2011-06-25 17:15:13 -------- d-----w- C:\Users\Honeybush\AppData\Local\{62AFD825-F634-433E-8716-4EC7395EE65F}

2011-06-20 01:21:56 11776 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

2011-06-20 01:21:27 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared

2011-06-20 01:21:08 150712 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

2011-06-20 01:20:56 105472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll

.

==================== Find3M ====================

.

2011-07-10 17:05:56 152576 ----a-w- C:\windows\SysWow64\msclmd.dll

2011-07-10 17:05:55 175616 ----a-w- C:\windows\System32\msclmd.dll

2011-07-07 05:52:42 41272 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-07 05:52:42 25912 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-07-06 17:10:13 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-03 06:56:38 421888 ----a-w- C:\windows\System32\KernelBase.dll

2011-06-03 05:57:52 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2011-06-03 05:56:11 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll

2011-06-03 03:48:32 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-03 03:48:31 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-03 03:48:31 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-03 03:48:31 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-24 11:42:55 404480 ----a-w- C:\windows\System32\umpnpmgr.dll

2011-05-24 10:40:05 64512 ----a-w- C:\windows\SysWow64\devobj.dll

2011-05-24 10:40:05 44544 ----a-w- C:\windows\SysWow64\devrtl.dll

2011-05-24 10:39:38 145920 ----a-w- C:\windows\SysWow64\cfgmgr32.dll

2011-05-24 10:37:54 252928 ----a-w- C:\windows\SysWow64\drvinst.exe

2011-05-12 06:18:31 286720 ----a-w- C:\windows\iun506.exe

2011-05-04 05:25:03 2315776 ----a-w- C:\windows\System32\tquery.dll

2011-05-04 05:22:25 778752 ----a-w- C:\windows\System32\mssvp.dll

2011-05-04 05:22:25 2223616 ----a-w- C:\windows\System32\mssrch.dll

2011-05-04 05:22:24 75264 ----a-w- C:\windows\System32\msscntrs.dll

2011-05-04 05:22:24 491520 ----a-w- C:\windows\System32\mssph.dll

2011-05-04 05:22:24 288256 ----a-w- C:\windows\System32\mssphtb.dll

2011-05-04 05:19:28 591872 ----a-w- C:\windows\System32\SearchIndexer.exe

2011-05-04 05:19:28 249856 ----a-w- C:\windows\System32\SearchProtocolHost.exe

2011-05-04 05:19:28 113664 ----a-w- C:\windows\System32\SearchFilterHost.exe

2011-05-04 04:34:43 1549312 ----a-w- C:\windows\SysWow64\tquery.dll

2011-05-04 04:32:02 666624 ----a-w- C:\windows\SysWow64\mssvp.dll

2011-05-04 04:32:01 337408 ----a-w- C:\windows\SysWow64\mssph.dll

2011-05-04 04:32:01 197120 ----a-w- C:\windows\SysWow64\mssphtb.dll

2011-05-04 04:32:01 1401344 ----a-w- C:\windows\SysWow64\mssrch.dll

2011-05-04 04:32:00 59392 ----a-w- C:\windows\SysWow64\msscntrs.dll

2011-05-04 04:28:31 86528 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe

2011-05-04 04:28:31 427520 ----a-w- C:\windows\SysWow64\SearchIndexer.exe

2011-05-04 04:28:31 164352 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe

2011-05-03 05:29:29 976896 ----a-w- C:\windows\System32\inetcomm.dll

2011-05-03 04:30:02 741376 ----a-w- C:\windows\SysWow64\inetcomm.dll

2011-04-29 03:06:10 467456 ----a-w- C:\windows\System32\drivers\srv.sys

2011-04-29 03:05:49 410112 ----a-w- C:\windows\System32\drivers\srv2.sys

2011-04-29 03:05:37 168448 ----a-w- C:\windows\System32\drivers\srvnet.sys

2011-04-27 02:40:40 158208 ----a-w- C:\windows\System32\drivers\mrxsmb.sys

2011-04-27 02:39:40 289280 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys

2011-04-27 02:39:37 128000 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys

2011-04-25 05:33:51 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys

2011-04-25 02:34:03 499200 ----a-w- C:\windows\System32\drivers\afd.sys

2011-04-22 22:15:29 27520 ----a-w- C:\windows\System32\drivers\Diskdump.sys

.

============= FINISH: 8:02:36.40 ===============


  • Staff

Hi,

Keep in mind that malware doesn't just interrupt streaming for no reason. People who create malware have financial objectives in mind...

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


OK,

downloading ComboFix and doing some back-up now.

I'll post the logs as soon as I can.

The problem persists with YouTube, RealPlayer, radio streams and Netflix only playing for 30 sec then stopping, and generally slow browsing on Firefox.

thanks


OK

here is the ComboFix log and new DDS log:

ComboFix 11-07-21.04 - Honeybush 22/07/2011 10:59:27.1.1 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.796 [GMT -10:00]

Running from: c:\users\Honeybush\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

FW: PC Tools Firewall Plus *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\somototoolbar\vmNTemplatex.dll

c:\users\Administrator\WINDOWS

c:\users\Honeybush\WINDOWS

.

.

((((((((((((((((((((((((( Files Created from 2011-06-22 to 2011-07-22 )))))))))))))))))))))))))))))))

.

.

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\Owner\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\Owner.Pooter\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\owner.Pooter.005\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\owner.Pooter.004\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\owner.Pooter.003\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\owner.Pooter.002\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\Owner.Pooter.000\AppData\Local\temp

2011-07-22 21:09 . 2011-07-22 21:09 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2011-07-22 20:54 . 2011-07-22 20:55 -------- d-----w- C:\32788R22FWJFW

2011-07-22 18:28 . 2011-07-13 04:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7B876381-B8AC-4B63-8AD0-9299D9EEC5F3}\mpengine.dll

2011-07-20 20:07 . 2011-05-04 14:52 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-07-20 20:07 . 2011-05-04 14:52 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-07-16 17:23 . 2011-06-07 20:10 8873296 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-07-15 07:27 . 2010-11-30 21:43 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7C9972D6-F1DB-4088-AAA7-5587857FB11A}\gapaengine.dll

2011-07-15 06:47 . 2011-07-15 06:47 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2011-07-15 06:47 . 2011-07-15 06:48 -------- d-----w- c:\program files\Microsoft Security Client

2011-07-15 06:41 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1017CF3D-FF32-45BF-8ED2-C34C4B4DEB06}\mpengine.dll

2011-07-15 06:38 . 2011-06-11 03:07 3137536 ----a-w- c:\windows\system32\win32k.sys

2011-07-15 06:38 . 2011-06-03 06:57 362496 ----a-w- c:\windows\system32\wow64win.dll

2011-07-15 06:38 . 2011-06-03 06:53 338944 ----a-w- c:\windows\system32\conhost.exe

2011-07-15 06:37 . 2011-06-03 06:57 243200 ----a-w- c:\windows\system32\wow64.dll

2011-07-15 06:37 . 2011-06-03 06:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2011-07-15 06:37 . 2011-06-03 06:57 214528 ----a-w- c:\windows\system32\winsrv.dll

2011-07-15 06:37 . 2011-06-03 06:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2011-07-15 06:37 . 2011-06-03 06:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2011-07-15 06:37 . 2011-06-03 05:57 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2011-07-15 06:37 . 2011-06-03 05:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2011-07-15 06:37 . 2011-06-03 03:53 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2011-07-15 06:37 . 2011-06-03 03:53 2048 ----a-w- c:\windows\SysWow64\user.exe

2011-07-14 17:53 . 2011-07-14 17:53 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-07-10 16:50 . 2011-07-10 16:50 -------- d-----w- c:\windows\system32\SPReview

2011-07-10 16:48 . 2011-07-10 16:48 -------- d-----w- c:\windows\system32\EventProviders

2011-07-07 21:25 . 2011-07-07 21:25 -------- d-----w- c:\program files (x86)\Apple Software Update

2011-07-07 20:31 . 2010-11-20 13:27 3650560 ----a-w- c:\windows\system32\MSVidCtl.dll

2011-07-07 20:30 . 2010-11-20 13:28 298104 ----a-w- c:\windows\system32\bcryptprimitives.dll

2011-07-07 20:29 . 2010-11-20 13:27 189952 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll

2011-07-07 20:28 . 2010-11-20 13:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui

2011-07-07 20:28 . 2010-11-20 13:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui

2011-07-07 20:28 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll

2011-07-07 20:28 . 2010-11-20 12:17 209920 ----a-w- c:\windows\SysWow64\PkgMgr.exe

2011-07-07 20:28 . 2010-11-20 12:18 323072 ----a-w- c:\windows\SysWow64\drvstore.dll

2011-07-07 20:28 . 2010-11-20 12:18 257024 ----a-w- c:\windows\SysWow64\dpx.dll

2011-07-07 20:28 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll

2011-07-07 20:28 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll

2011-07-07 20:25 . 2010-11-20 13:27 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll

2011-07-07 20:25 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll

2011-07-07 20:25 . 2010-11-20 13:27 1225216 ----a-w- c:\windows\system32\wbem\wbemcore.dll

2011-07-07 20:25 . 2010-11-20 13:27 933376 ----a-w- c:\windows\system32\SmiEngine.dll

2011-07-07 20:25 . 2010-11-20 13:25 199168 ----a-w- c:\windows\system32\PkgMgr.exe

2011-07-07 20:24 . 2010-11-20 13:26 422912 ----a-w- c:\windows\system32\drvstore.dll

2011-07-07 20:24 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-07-20 19:57 . 2011-05-25 16:54 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-10 17:05 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-07-10 17:05 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-07-07 05:52 . 2010-11-19 16:05 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-07 05:52 . 2010-11-19 16:05 25912 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-06-03 05:57 . 2011-07-15 06:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-05-12 06:18 . 2011-05-12 06:17 286720 ----a-w- c:\windows\iun506.exe

2011-05-03 05:29 . 2011-06-14 19:39 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-05-03 04:30 . 2011-06-14 19:39 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll

2011-04-29 03:06 . 2011-06-14 19:39 467456 ----a-w- c:\windows\system32\drivers\srv.sys

2011-04-29 03:05 . 2011-06-14 19:39 410112 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-04-29 03:05 . 2011-06-14 19:39 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-04-27 02:40 . 2011-06-14 19:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-27 02:39 . 2011-06-14 19:40 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-04-27 02:39 . 2011-06-14 19:40 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-04-26 17:16 . 2011-04-26 17:16 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin

2011-04-25 05:33 . 2011-06-14 19:40 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-04-25 02:34 . 2011-06-14 19:40 499200 ----a-w- c:\windows\system32\drivers\afd.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{32b29df0-2237-4370-9a29-37cebb730e9b}"= "c:\program files (x86)\FreeSoundRecorder\tbFree.dll" [2010-06-14 2734688]

.

[HKEY_CLASSES_ROOT\clsid\{32b29df0-2237-4370-9a29-37cebb730e9b}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{32b29df0-2237-4370-9a29-37cebb730e9b}]

2010-06-14 05:10 2734688 ----a-w- c:\program files (x86)\FreeSoundRecorder\tbFree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{32b29df0-2237-4370-9a29-37cebb730e9b}"= "c:\program files (x86)\FreeSoundRecorder\tbFree.dll" [2010-06-14 2734688]

.

[HKEY_CLASSES_ROOT\clsid\{32b29df0-2237-4370-9a29-37cebb730e9b}]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-10 2988784]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304]

"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]

"Freecorder FLV Service"="c:\program files (x86)\Freecorder\FLVSrvc.exe" [2010-06-26 167936]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]

"00PCTFW"="c:\program files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]

"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"Hercules DJ Series"="c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe" [2010-09-14 1667368]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-08 421160]

"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-06-20 273544]

"ArcSoft MediaImpression Monitor"="c:\program files (x86)\Kodak\MediaImpression\ArcMonitor.exe" [2010-12-16 80448]

"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

.

c:\users\Honeybush\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]

Launch tray.lnk - c:\windows\lightsource\lightSourceTray.exe [2004-8-26 439808]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-9-22 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi1"=myokent.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-18 135664]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-18 135664]

R3 HDJCtrl;Hercules DJ Control MP3 Service;c:\windows\system32\Drivers\HDJCtrl.sys [x]

R3 HDJMidi;Hercules DJ Control MP3 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys [x]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-12 282616]

R3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\DRIVERS\pctNdis64.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]

R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2010-12-23 20480]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-03-09 5352960]

S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2011-06-06 123320]

S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2009-08-24 126392]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 NMRKUSBA;Numark USB2 WDM;c:\windows\system32\drivers\nmrkusba.sys [x]

S3 NMRKUSBU;Numark USB2 driver;c:\windows\system32\Drivers\nmrkusbu.sys [x]

S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [x]

S3 pctNdisMP;PC Tools Driver;c:\windows\system32\DRIVERS\pctNdis64.sys [x]

S3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - pctESPInject

.

Contents of the 'Scheduled Tasks' folder

.

2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-18 07:39]

.

2011-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-18 07:39]

.

2011-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2112743503-2679535884-373589343-1000Core.job

- c:\users\Honeybush\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-03 19:17]

.

2011-07-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2112743503-2679535884-373589343-1000UA.job

- c:\users\Honeybush\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-03 19:17]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Honeybush\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]

"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]

"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-07 2114376]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 1436224]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Supplementary Scan -------

.

uDefault_Search_URL = hxxp://www.google.com/ie

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.200.1

FF - ProfilePath - c:\users\Honeybush\AppData\Roaming\Mozilla\Firefox\Profiles\3ywwx8rc.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

WebBrowser-{32B29DF0-2237-4370-9A29-37CEBB730E9B} - (no file)

HKLM-Run-(Default) - (no file)

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe

HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

AddRemove-dBpowerAMP Musepack Codec - c:\windows\system32\SpoonUninstall.exe

AddRemove-dBpowerAMP Music Converter - c:\windows\system32\SpoonUninstall.exe

AddRemove-dBpowerAMP WMA V9 Codec - c:\windows\system32\SpoonUninstall.exe

AddRemove-Timewave Calculator - c:\windows\system32\javaws.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]

"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2112743503-2679535884-373589343-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2112743503-2679535884-373589343-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE

c:\program files (x86)\PC Tools Firewall Plus\FWService.exe

.

**************************************************************************

.

Completion time: 2011-07-22 11:20:00 - machine was rebooted

ComboFix-quarantined-files.txt 2011-07-22 21:19

.

Pre-Run: 176,579,665,920 bytes free

Post-Run: 176,878,399,488 bytes free

.

- - End Of File - - 711940835CC943CC655BE57B86E75034

and the DDS log:

DDS (Ver_2011-07-14.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Honeybush at 11:56:01 on 2011-07-22

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1787.684 [GMT -10:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\atieclxx.exe

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

C:\windows\system32\taskhost.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\windows\system32\Dwm.exe

C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\TODDSrv.exe

C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe

C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Windows\lightsource\lightSourceTray.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

C:\Program Files (x86)\Freecorder\FLVSrvc.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe

C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\wbem\wmiprvse.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe

C:\windows\system32\sppsvc.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\windows\system32\conhost.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://www.yahoo.com

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

mURLSearchHooks: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

TB: FreeSoundRecorder Toolbar: {32B29DF0-2237-4370-9A29-37CEBB730E9B} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

TB: FreeSoundRecorder Toolbar: {32b29df0-2237-4370-9a29-37cebb730e9b} - C:\Program Files (x86)\FreeSoundRecorder\tbFree.dll

uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [00PCTFW] "C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe" -s

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [ArcSoft MediaImpression Monitor] C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe

mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\HONEYB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Honeybush\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\HONEYB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Windows\lightsource\lightSourceTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: NameServer = 192.168.200.1

TCP: Interfaces\{055175FB-9CEC-4BEA-A59A-7A4897DBCDB3} : DHCPNameServer = 192.168.200.1

TCP: Interfaces\{055175FB-9CEC-4BEA-A59A-7A4897DBCDB3}\452554E444E65647 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{055175FB-9CEC-4BEA-A59A-7A4897DBCDB3}\C696E6B6379737 : DHCPNameServer = 24.25.227.55 209.18.47.61 24.25.227.53

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE

x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe

x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe

x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe

x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Honeybush\AppData\Roaming\Mozilla\Firefox\Profiles\3ywwx8rc.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Honeybush\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Users\Honeybush\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Honeybush\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2010-10-24 188928]

R1 pctgntdi;pctgntdi;C:\windows\System32\drivers\pctgntdi64.sys [2010-12-11 331368]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-8-15 202752]

R2 HerculesDJControlMP3;Hercules DJ Control MP3;C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [2011-1-22 20480]

R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-3-9 5352960]

R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2010-8-15 123320]

R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2010-8-15 126392]

R2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2010-12-11 287024]

R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atipmdag.sys [2010-8-15 6403072]

R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2010-8-15 188928]

R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2010-8-15 9216]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-3-4 75816]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]

R3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]

R3 NMRKUSBA;Numark USB2 WDM;C:\windows\System32\drivers\nmrkusba.sys [2011-5-2 50240]

R3 NMRKUSBU;Numark USB2 driver;C:\windows\System32\drivers\nmrkusbu.sys [2011-5-2 398912]

R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;C:\windows\System32\drivers\pctNdis-PacketFilter64.sys [2010-12-11 119688]

R3 pctNdisMP;PC Tools Driver;C:\windows\System32\drivers\pctNdis64.sys [2010-12-11 79000]

R3 pctplfw;pctplfw;C:\windows\System32\drivers\pctplfw64.sys [2010-12-11 179464]

R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-8-15 51512]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-17 135664]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-17 135664]

S3 HDJCtrl;Hercules DJ Control MP3 Service;C:\windows\System32\drivers\HDJCtrl.sys [2011-1-22 28160]

S3 HDJMidi;Hercules DJ Control MP3 MIDI;C:\windows\System32\drivers\HDJMidi.sys [2011-1-22 221184]

S3 pctNdis;PC Tools Firewall Intermediate Filter Service;C:\windows\System32\drivers\pctNdis64.sys [2010-12-11 79000]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-8-15 232992]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-7-7 59392]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-9-19 1255736]

.

=============== Created Last 30 ================

.

2011-07-22 21:52:29 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F90647E0-179B-4CF7-8C77-7CA64E0E3822}\mpengine.dll

2011-07-22 20:55:21 98816 ----a-w- C:\windows\sed.exe

2011-07-22 20:55:21 256000 ----a-w- C:\windows\PEV.exe

2011-07-22 20:55:21 208896 ----a-w- C:\windows\MBR.exe

2011-07-22 20:55:10 -------- d-----w- C:\ComboFix

2011-07-20 20:07:35 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

2011-07-20 20:07:35 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll

2011-07-20 19:24:02 -------- d-----w- C:\Users\Honeybush\AppData\Local\{526E9B6D-F44A-4F7B-9520-4053504E2FBE}

2011-07-18 05:52:20 -------- d-----w- C:\Users\Honeybush\AppData\Local\{10EF739E-F247-4A50-B668-63001731C5A5}

2011-07-17 17:51:43 -------- d-----w- C:\Users\Honeybush\AppData\Local\{961F19E9-4B54-4853-9048-55A86BCBFFC9}

2011-07-16 17:23:22 8873296 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-07-15 07:27:02 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C9972D6-F1DB-4088-AAA7-5587857FB11A}\gapaengine.dll

2011-07-15 06:47:59 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2011-07-15 06:47:41 -------- d-----w- C:\Program Files\Microsoft Security Client

2011-07-15 06:41:55 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1017CF3D-FF32-45BF-8ED2-C34C4B4DEB06}\mpengine.dll

2011-07-15 06:38:38 3137536 ----a-w- C:\windows\System32\win32k.sys

2011-07-15 06:38:00 362496 ----a-w- C:\windows\System32\wow64win.dll

2011-07-15 06:38:00 338944 ----a-w- C:\windows\System32\conhost.exe

2011-07-15 06:37:59 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2011-07-15 06:37:59 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2011-07-15 06:37:59 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2011-07-15 06:37:59 243200 ----a-w- C:\windows\System32\wow64.dll

2011-07-15 06:37:59 214528 ----a-w- C:\windows\System32\winsrv.dll

2011-07-15 06:37:59 16384 ----a-w- C:\windows\System32\ntvdm64.dll

2011-07-15 06:37:59 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2011-07-15 06:37:59 13312 ----a-w- C:\windows\System32\wow64cpu.dll

2011-07-15 06:37:58 2048 ----a-w- C:\windows\SysWow64\user.exe

2011-07-10 16:50:38 -------- d-----w- C:\windows\System32\SPReview

2011-07-10 16:48:56 -------- d-----w- C:\windows\System32\EventProviders

2011-07-07 20:31:59 3650560 ----a-w- C:\windows\System32\MSVidCtl.dll

2011-07-07 20:30:59 551936 ----a-w- C:\windows\System32\localsec.dll

2011-07-07 20:29:59 82432 ----a-w- C:\windows\SysWow64\dot3cfg.dll

2011-07-07 20:28:58 4608 ----a-w- C:\windows\System32\drivers\en-US\kbdclass.sys.mui

2011-07-07 20:28:57 6144 ----a-w- C:\windows\System32\drivers\en-US\IPMIDrv.sys.mui

2011-07-07 20:28:45 209920 ----a-w- C:\windows\SysWow64\PkgMgr.exe

2011-07-07 20:28:45 189952 ----a-w- C:\windows\SysWow64\wdscore.dll

2011-07-07 20:28:35 323072 ----a-w- C:\windows\SysWow64\drvstore.dll

2011-07-07 20:28:35 257024 ----a-w- C:\windows\SysWow64\dpx.dll

2011-07-07 20:28:32 606208 ----a-w- C:\windows\SysWow64\wbem\fastprox.dll

2011-07-07 20:28:32 363008 ----a-w- C:\windows\SysWow64\wbemcomn.dll

2011-07-07 20:25:31 529408 ----a-w- C:\windows\System32\wbemcomn.dll

2011-07-07 20:25:31 524288 ----a-w- C:\windows\System32\wmicmiplugin.dll

2011-07-07 20:25:31 1225216 ----a-w- C:\windows\System32\wbem\wbemcore.dll

2011-07-07 20:25:17 933376 ----a-w- C:\windows\System32\SmiEngine.dll

2011-07-07 20:25:11 199168 ----a-w- C:\windows\System32\PkgMgr.exe

2011-07-07 20:24:41 422912 ----a-w- C:\windows\System32\drvstore.dll

2011-07-07 20:24:41 399872 ----a-w- C:\windows\System32\dpx.dll

2011-06-25 17:15:13 -------- d-----w- C:\Users\Honeybush\AppData\Local\{62AFD825-F634-433E-8716-4EC7395EE65F}

.

==================== Find3M ====================

.

2011-07-20 19:57:58 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-10 17:05:56 152576 ----a-w- C:\windows\SysWow64\msclmd.dll

2011-07-10 17:05:55 175616 ----a-w- C:\windows\System32\msclmd.dll

2011-07-07 05:52:42 41272 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-07 05:52:42 25912 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-06-03 06:56:38 421888 ----a-w- C:\windows\System32\KernelBase.dll

2011-06-03 05:57:52 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2011-06-03 05:56:11 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll

2011-06-03 03:48:32 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-03 03:48:31 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-03 03:48:31 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-03 03:48:31 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-24 11:42:55 404480 ----a-w- C:\windows\System32\umpnpmgr.dll

2011-05-24 10:40:05 64512 ----a-w- C:\windows\SysWow64\devobj.dll

2011-05-24 10:40:05 44544 ----a-w- C:\windows\SysWow64\devrtl.dll

2011-05-24 10:39:38 145920 ----a-w- C:\windows\SysWow64\cfgmgr32.dll

2011-05-24 10:37:54 252928 ----a-w- C:\windows\SysWow64\drvinst.exe

2011-05-12 06:18:31 286720 ----a-w- C:\windows\iun506.exe

2011-05-04 05:25:03 2315776 ----a-w- C:\windows\System32\tquery.dll

2011-05-04 05:22:25 778752 ----a-w- C:\windows\System32\mssvp.dll

2011-05-04 05:22:25 2223616 ----a-w- C:\windows\System32\mssrch.dll

2011-05-04 05:22:24 75264 ----a-w- C:\windows\System32\msscntrs.dll

2011-05-04 05:22:24 491520 ----a-w- C:\windows\System32\mssph.dll

2011-05-04 05:22:24 288256 ----a-w- C:\windows\System32\mssphtb.dll

2011-05-04 05:19:28 591872 ----a-w- C:\windows\System32\SearchIndexer.exe

2011-05-04 05:19:28 249856 ----a-w- C:\windows\System32\SearchProtocolHost.exe

2011-05-04 05:19:28 113664 ----a-w- C:\windows\System32\SearchFilterHost.exe

2011-05-04 04:34:43 1549312 ----a-w- C:\windows\SysWow64\tquery.dll

2011-05-04 04:32:02 666624 ----a-w- C:\windows\SysWow64\mssvp.dll

2011-05-04 04:32:01 337408 ----a-w- C:\windows\SysWow64\mssph.dll

2011-05-04 04:32:01 197120 ----a-w- C:\windows\SysWow64\mssphtb.dll

2011-05-04 04:32:01 1401344 ----a-w- C:\windows\SysWow64\mssrch.dll

2011-05-04 04:32:00 59392 ----a-w- C:\windows\SysWow64\msscntrs.dll

2011-05-04 04:28:31 86528 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe

2011-05-04 04:28:31 427520 ----a-w- C:\windows\SysWow64\SearchIndexer.exe

2011-05-04 04:28:31 164352 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe

2011-05-03 05:29:29 976896 ----a-w- C:\windows\System32\inetcomm.dll

2011-05-03 04:30:02 741376 ----a-w- C:\windows\SysWow64\inetcomm.dll

2011-04-29 03:06:10 467456 ----a-w- C:\windows\System32\drivers\srv.sys

2011-04-29 03:05:49 410112 ----a-w- C:\windows\System32\drivers\srv2.sys

2011-04-29 03:05:37 168448 ----a-w- C:\windows\System32\drivers\srvnet.sys

2011-04-27 02:40:40 158208 ----a-w- C:\windows\System32\drivers\mrxsmb.sys

2011-04-27 02:39:40 289280 ----a-w- C:\windows\System32\drivers\mrxsmb10.sys

2011-04-27 02:39:37 128000 ----a-w- C:\windows\System32\drivers\mrxsmb20.sys

2011-04-25 05:33:51 1923968 ----a-w- C:\windows\System32\drivers\tcpip.sys

2011-04-25 02:34:03 499200 ----a-w- C:\windows\System32\drivers\afd.sys

.

============= FINISH: 11:58:10.59 ===============

  • Staff

Hi,

What graphics card are you currently running?

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the option Remove found threats and the option Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Graphics card is:

ATI MOBILITY RADEON HD 4200 SERIES (on a Toshiba laptop)

The ESET Online Scanner wouldn't run for some reason. It only gets as far as clicking yes to agree to terms and conditions and clicking start, then it opens a new window that is blank. I am running it in Explorer.

Here is the log from the checkup:

Results of screen317's Security Check version 0.99.18

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

PC Tools Firewall Plus 7.0

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 26

Adobe Flash Player 10.3.181.34

Mozilla Firefox (x86 en-US..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Norton ccSvcHst.exe

Windows Defender MSMpEng.exe

Microsoft Security Essentials msseces.exe

PC Tools Firewall Plus FirewallGUI.exe

``````````End of Log````````````

same issues remain with the interruptions

ugh.......

  • Staff

Download the latest graphics card driver from here:

http://support.amd.com/us/gpudownload/windows/Pages/radeonmob_win7-64.aspx#1

Reboot and see if the issue persists.

If so, click start and type in Windows Update; click on it when it appears.

Download and install all available updates, including Internet Explorer 9. After it is installed, reboot, and see if the issue persists.

OK

I don't feel like I'm getting anywhere with this.

Graphics card driver update fails to install. It says the version of my graphics adapter is not supported.

I did the AMD Driver Autodetect to make sure it is the correct driver, but it wouldn't install.

Windows update has an update for "Microsoft Security Essentials Client Update Package" but fails to install. I've tried a couple times.

Also,

When running Super Anti Spyware program, I am getting 20-30 adware tracking cookies a day. I didn't have this before the streaming issues began.

In addition, the auto update from Firefox gives me a message from time to time that says "something is preventing Firefox from updating."

  • Staff

Is this only with Firefox? What happens in Internet Explorer?

Click Start --> Run, enter cmd.exe, and press Enter

In the black box that appears, enter this command exactly as shown:

chkdsk>"%userprofile%\desktop\chkdsk.txt"

Press Enter.

When it finishes, open chkdsk.txt on your Desktop and post its contents here.

-screen317

Hi,

The problem is the same with IE. Things play for 45sec-1min then halt.

I've also tried Google Chrome and Safari and it's the same.

sorry,

when I try to run the chkdsk cmd, this is the message I get:

Access Denied as you do not have sufficient privileges.

You have to invoke this utility running in elevated mode.

I'm guessing I need to run that as administrator?? which is confusing to me on Windows 7.

I seem to have 5 different user accounts:

Owner, Guest, Administrator, Public, and Honeybush (the only one I use).

I don't know how to log on as administrator, I am always getting messages like this when running programs.

can you help please?

Chkdsk txt:

The type of the file system is NTFS.

Volume label is TI105846W0F.

WARNING! F parameter not specified.

Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...

289280 file records processed.

File verification completed.

1083 large file records processed.

0 bad file records processed.

0 EA records processed.

193 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 3)...

373634 index entries processed.

Index verification completed.

67 percent complete. (1 of 0 unindexed files scanned)

0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 3)...

289280 file SDs/SIDs processed.

Security descriptor verification completed.

42178 data files processed.

CHKDSK is verifying Usn Journal...

99 percent complete. (0 of 36589960 USN bytes processed)

100 percent complete. (36585472 of 36589960 USN bytes processed)

36589960 USN bytes processed.

Usn Journal verification completed.

Windows has checked the file system and found no problems.

301600767 KB total disk space.

135740592 KB in 206932 files.

112532 KB in 42179 indexes.

0 KB in bad sectors.

407783 KB in use by the system.

65536 KB occupied by the log file.

165339860 KB available on disk.

4096 bytes in each allocation unit.

75400191 total allocation units on disk.

41334965 allocation units available on disk.


Hi,

thanks for the help, I appreciate it.

I've tried updating the graphics driver and it made no difference. Still stalling out, so at this point I'm just going to do a reinstall of Windows and start over.

You are right in that it doesn't look like an infection at all, yet I couldn't see what was the matter.

oh well

thanks again


OK, I'm back again with a clean system after a re-install of everything, and the previous connection issues are resolved. However, I seem to be getting a large amount of tracking cookies that appear every day. I remove them and they show up again the next day.

Is there a way of getting to the source of these cookies and keeping them away?


  • Staff

Hi,

Cookies are cookies. If you are connected to the Internet, you get cookies. They aren't harmful.

You can use CCleaner to remove them but there's no reason to "block" them:

Please download CCleaner and save it to your desktop.

  • Run the CCleaner installer.
  • During the installation process, please UNCHECK "Add CCleaner Yahoo! Toolbar".
  • Please do NOT run a scan yet!

Now, open CCleaner:

  • Click the "Windows" tab.
  • Select the following:
    • Check everything under the "Internet Explorer" section.
    • Check everything under the "Windows Explorer" section.
    • Check everything under the "System" section.
    • Check ONLY "Old Prefetch data" under the "Advanced" section.

  • Then, click the "Applications" tab:
    • CHECK everything there.
  • Next, click the "Options" button in the left pane, then click the "Advanced" button:
    • CHECK: "Only delete files in Windows Temp folders older than 48 hours".
  • Next, click the "Cleaner" button in the left pane, then click the "Run Cleaner" button (bottom right), click "OK" at the prompt.
  • When done, please exit CCleaner.

CAUTION: Please do NOT use the "Issues" button in the left pane. This is a built-in registry cleaner. If you don’t know how to use it, you may cause irreparable damage to your system.


  • 2 weeks later...
  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

