
Infected and Now Internet doesn't work after cleaning


  • This topic is locked
7 replies to this topic

#1 jhazel


Posted 10 September 2010 - 08:59 PM

Hello, my name is Jhazel, and I had a nasty bit of malware that I cleaned out using Malwarebytes' Anti-Malware, and then I used SUPERAntiSpyware Free Edition, followed by installing and running Avira AntiVir. It cleaned it up as far as I can tell because I'm using the same computer to post this, but I can only access the internet using Firefox, and when I try to update my software to make sure all of my definitions are up to date, it will not connect. When I try to use Internet Explorer, I can't even connect to the internet. Any help would be very appreciated. I diagnosed the connection problem and this is the log that comes up:

Windows Network Diagnostics Publisher details

Issues found
The remote device or resource won't accept the connection
The device or resource (www.google.com) is not set up to accept connections on port "The World Wide Web service (HTTP)". Detected
Contact your network administrator Completed


Issues found Detection details

5 The remote device or resource won't accept the connection Detected

The device or resource (www.google.com) is not set up to accept connections on port "The World Wide Web service (HTTP)".
Contact your network administrator Completed

The computer or device you are trying to reach is available, but it doesn’t support what you’re trying to do. This might be a configuration issue or a limitation of the device.


Detection details

Network Diagnostics Log
File Name: D928FD82-DC13-4C20-A0E3-E018BDF31839.Diagnose.0.etl

Other Networking Configuration and Logs
File Name: NetworkConfiguration.cab

Collection information
Computer Name: OWNER-PC
Windows Version: 6.1
Architecture: amd64
Time: Friday, September 10, 2010 1:15:39 AM

Publisher details

Windows Network Diagnostics
Detects problems with network connectivity.
Package Version: 1.0
Publisher: Microsoft Windows



This was my original malware log, although when I run it now it says there are no infections:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4586

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/9/2010 11:05:39 PM
mbam-log-2010-09-09 (23-05-39).txt

Scan type: Full scan (C:\|)
Objects scanned: 222052
Time elapsed: 39 minute(s), 46 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
C:\Users\Owner\AppData\Local\lvnpebmrn\hawtxdcuqiw.exe (Rogue.SecuritySuite) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\biuxarbf (Rogue.SecuritySuite) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Owner\AppData\Local\lvnpebmrn\hawtxdcuqiw.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.
C:\Users\Owner\AppData\Local\Temp\google.exe (Rogue.SecuritySuite) -> Quarantined and deleted successfully.


This was my log from the original scan with SuperAntiSpyware, although like the previous log, it now shows no infections:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/10/2010 at 00:00 AM

Application Version : 4.41.1000

Core Rules Database Version : 5347
Trace Rules Database Version: 3159

Scan type : Complete Scan
Total Scan Time : 00:32:07

Memory items scanned : 734
Memory threats detected : 0
Registry items scanned : 12999
Registry threats detected : 0
File items scanned : 24740
File threats detected : 246

Adware.Tracking Cookie



Here's the OTL Log, I just ran it:


OTL logfile created on: 9/10/2010 8:54:02 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Owner\Desktop\PC Health
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 64.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.61 Gb Total Space | 259.27 Gb Free Space | 90.14% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER-PC
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/06 11:22:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\PC Health\OTL.exe
PRC - [2010/08/25 17:01:28 | 000,323,944 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe
PRC - [2010/06/26 03:41:17 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/06/26 03:41:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2009/08/11 13:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009/07/28 22:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009/07/13 17:24:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/07/13 00:35:58 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (SafeList) ==========

MOD - [2010/09/06 11:22:26 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\PC Health\OTL.exe
MOD - [2009/07/13 20:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/13 20:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/06/29 12:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/08/21 11:31:06 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/11 18:10:48 | 000,252,272 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/08/04 13:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/08/03 21:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/30 01:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/28 18:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/08/17 12:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/08/10 21:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009/07/14 21:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - [2010/03/02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/02/17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/02/16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/09/09 13:11:58 | 000,943,616 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009/08/05 21:04:06 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/30 23:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/30 21:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/30 14:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/24 17:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/20 19:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 21:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/19 21:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 16:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/05 02:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?br...A&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?br...A&bmod=TSNA


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig?brand=TSNA&bmod=TSNA
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?brand=TSNA&bmod=TSNA
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/04 10:13:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/07 15:19:57 | 000,000,000 | ---D | M]

[2010/07/04 10:14:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2010/07/07 15:20:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ufdg6rz1.default\extensions
[2010/09/10 00:48:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3250631313-659605060-4246142799-1000..\Run: [DriverScanner] C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKU\S-1-5-21-3250631313-659605060-4246142799-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = C:\Program Files (x86)\Best Buy Software Installer\Best Buy Software Installer.exe File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy Software Installer.lnk = C:\Program Files (x86)\Best Buy Software Installer\Best Buy Software Installer.exe File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2010/06/12 12:05:30 | 000,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 33554432
O7 - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/10 01:15:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Diagnostics
[2010/09/10 00:55:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Avira
[2010/09/10 00:53:42 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2010/09/10 00:53:42 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2010/09/10 00:53:42 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\windows\SysWow64\drivers\avgntdd.sys
[2010/09/10 00:53:42 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\windows\SysWow64\drivers\avgntmgr.sys
[2010/09/10 00:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/09/10 00:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010/09/10 00:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2010/09/10 00:41:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Uniblue
[2010/09/10 00:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2010/09/09 23:21:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
[2010/09/09 23:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/09/09 23:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/09/09 23:21:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/09/06 11:32:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2010/09/06 11:31:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010/09/06 11:31:57 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010/09/06 11:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/09/06 11:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/06 11:30:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\PC Health
[2010/09/06 11:03:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\lvnpebmrn
[2010/08/25 19:26:40 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2010/08/12 09:44:50 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2010/08/12 09:44:49 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2010/08/12 09:44:49 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2010/08/12 09:44:40 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2010/08/12 09:44:39 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2010/08/12 09:44:39 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2010/08/12 09:44:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2010/08/12 09:44:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2010/08/12 09:44:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2010/08/12 09:44:36 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rtutils.dll
[2010/08/12 09:44:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rtutils.dll
[2010/08/12 09:44:35 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\SysWow64\iccvid.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/10 20:54:18 | 001,310,720 | -HS- | M] () -- C:\Users\Owner\NTUSER.DAT
[2010/09/10 20:14:23 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/09/10 00:58:19 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/10 00:58:19 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/10 00:56:31 | 000,713,888 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010/09/10 00:56:31 | 000,615,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/09/10 00:56:31 | 000,103,702 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/09/10 00:53:51 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/09/10 00:51:05 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010/09/10 00:50:49 | 3016,884,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/10 00:49:58 | 002,105,615 | -H-- | M] () -- C:\Users\Owner\AppData\Local\IconCache.db
[2010/09/10 00:41:44 | 000,001,109 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
[2010/09/10 00:41:44 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2010/09/09 23:28:43 | 000,000,824 | ---- | M] () -- C:\windows\SysNative\drivers\etc\tmvsthfud.bin
[2010/09/09 23:28:28 | 000,000,824 | ---- | M] () -- C:\windows\SysNative\drivers\etc\tmvsthfss.bin
[2010/09/09 23:21:50 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/06 11:32:01 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/13 08:58:06 | 000,343,552 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/10 00:53:51 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/09/10 00:41:44 | 000,001,109 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk
[2010/09/10 00:41:44 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\DriverScanner.lnk
[2010/09/09 23:21:50 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/09/06 11:32:01 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/04 10:24:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/05/09 19:47:47 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
< End of report >




#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,648 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:56 PM

Posted 21 September 2010 - 11:00 AM

Hello there, and sorry for the delay. I'll move this topic to the right forum.

Please run the fix below and let me know how things are afterwards.

OTL FIX
------------
We need to run an OTL Fix
  1. Please reopen on your desktop.
  2. Copy and Paste the following code into the textbox. Do not include the word "Code"
    CODE
    :otl
    IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
    IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

    :commands
    [emptytemp]
  3. Push
  4. OTL may ask to reboot the machine. Please do so if asked.
  5. Click .
  6. A report will open. Copy and Paste that report in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Malware analyst @ Emsisoft
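
An added example, not part of the thread and not OTL's own code: a small parser that runs over the Internet Explorer section of an OTL log and flags any user hive where ProxyEnable is 1 and ProxyServer points at a loopback address, which is the combination the fix above resets. The function names are hypothetical; the sample lines are copied from the log posted in this thread.

```python
import ipaddress
import re
from collections import defaultdict

# Lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r'''
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092
FF - prefs.js..network.proxy.type: 0
'''

# One "Internet Settings" value per line, keyed by the user hive (SID).
IE_SETTING = re.compile(
    r'^IE - HKU\\(?P<user>[^\\]+)\\Software\\Microsoft\\Windows\\CurrentVersion'
    r'\\Internet Settings: "(?P<name>\w+)" = (?P<value>.*)$',
    re.IGNORECASE | re.MULTILINE,
)
FF_PROXY_TYPE = re.compile(
    r'^FF - prefs\.js\.\.network\.proxy\.type: (\d+)\s*$', re.MULTILINE
)


def parse_proxy_server(value):
    """Split a ProxyServer string into (scheme, host, port) tuples.

    Handles the single-proxy form ("host:port") and the per-protocol
    form ("http=host:port;https=host:port").
    """
    endpoints = []
    for part in value.split(';'):
        part = part.strip()
        if not part:
            continue
        scheme, sep, endpoint = part.partition('=')
        if not sep:  # no "scheme=" prefix: the proxy applies to all protocols
            scheme, endpoint = 'all', part
        endpoint = endpoint.split('://', 1)[-1]  # tolerate "http://host:port"
        host, sep, port = endpoint.rpartition(':')
        if not sep or not port.isdigit():  # no port given
            host, port = endpoint, ''
        endpoints.append((scheme.lower(), host.strip('[]'), port))
    return endpoints


def is_loopback(host):
    """True for localhost and any address in 127.0.0.0/8 or ::1."""
    if host.lower() == 'localhost':
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # a hostname other than localhost
        return False


def find_loopback_proxies(log_text):
    """Return one finding per user hive with an enabled loopback proxy."""
    settings = defaultdict(dict)
    for m in IE_SETTING.finditer(log_text):
        settings[m['user']][m['name'].lower()] = m['value'].strip()

    findings = []
    for user, values in settings.items():
        if values.get('proxyenable') != '1':
            continue  # a stale ProxyServer value is inert while disabled
        local = [e for e in parse_proxy_server(values.get('proxyserver', ''))
                 if is_loopback(e[1])]
        if local:
            findings.append({'user': user, 'endpoints': local})
    return findings


def firefox_proxy_type(log_text):
    """Return Firefox's network.proxy.type (0 = direct connection) or None."""
    m = FF_PROXY_TYPE.search(log_text)
    return int(m.group(1)) if m else None


if __name__ == '__main__':
    for finding in find_loopback_proxies(SAMPLE_LOG):
        for scheme, host, port in finding['endpoints']:
            print(f"{finding['user']}: {scheme} proxy enabled at {host}:{port}")
    print('Firefox network.proxy.type =', firefox_proxy_type(SAMPLE_LOG))
```

On the log in this thread it reports only the S-1-5-21-...-1000 hive and shows Firefox's network.proxy.type as 0 (direct connection), which matches Firefox being the only browser that could still connect.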


#3 jhazel

Posted 21 September 2010 - 12:47 PM

Thank you so very much for getting back to me. I was now able to update my software. :) Here is the log that was generated:

All processes killed
========== OTL ==========
HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-21-3250631313-659605060-4246142799-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Owner
->Temp folder emptied: 141554706 bytes
->Temporary Internet Files folder emptied: 20335653 bytes
->Java cache emptied: 14715 bytes
->FireFox cache emptied: 38505169 bytes
->Flash cache emptied: 20809 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15166280 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 206.00 mb


OTL by OldTimer - Version 3.2.11.0 log created on 09212010_123530

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


#4 Elise

Posted 21 September 2010 - 01:22 PM

I'm glad to hear that. :)

Please rerun OTL, click the NONE button, then change the value under Extra Registry back to "use safelist" and click Run Scan. Post me the resulting extra.txt together with a description of any remaining problems.

regards, Elise


#5 jhazel

Posted 21 September 2010 - 02:34 PM

Here's the log:

OTL logfile created on: 9/21/2010 2:31:35 PM - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 71.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 287.61 Gb Total Space | 259.01 Gb Free Space | 90.05% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER-PC
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
< End of report >


#6 Elise


Posted 21 September 2010 - 02:35 PM

Sorry, I need to see extra.txt. This is created when you run OTL with the Extra Registry Value set to Use Safelist.

regards, Elise




#7 Elise


Posted 27 September 2010 - 05:40 AM

Hello, are you still there?

regards, Elise




#8 Elise


Posted 04 October 2010 - 05:20 AM

Due to lack of feedback, this topic is now closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise






