ClickPotato lite and a ton of malware


  • This topic is locked
18 replies to this topic

#1 kattalksalot

kattalksalot

  • Members
  • 15 posts
  • OFFLINE
  • Gender:Female
  • Location:Oceanside, CA
  • Local time:09:03 AM

Posted 12 December 2010 - 07:03 PM

I bought this new computer--Inspiron One--and I've been trying to follow the guides on the computer to get it running up to par, using the online backup and all the Windows updates. I did remove the McAfee security suite they had installed and instead downloaded and installed AVG 10.0.1170 free edition. Well, yesterday I noticed a couple weird things--a couple programs I never added are on this, Clickpotato lite and Smart Shopper? I can't seem to uninstall or delete them. Also, I have a ton of ads on my computer, like a screen-saver, and a program called Blinkx? Is that normal? I don't want a bunch of retarded ads on my computer I did not ask for. I am paying an awful lot of money to have a good computer--I don't want ads on it, you know what I mean. Oh, and now my AVG says there are 3 entries called liveperson which are potentially dangerous, but it cannot do anything about it. And, my spybot found 36 entries in red (baaaaaaad!) but could not fix but 2, cause they weren't accessible?

I am using Windows 7 64 bit preinstalled on this All in One computer. I am so frustrated, I almost wish I'd never bought it. So far I have only been on Facebook but my son was doing some kind of gaming he said was "streamed".


According to AVG: on the 9th (I got this computer delivered on the 8th): 19 spyware.. on the 12th (today), 4 separate scans showed 88/88 warnings in one, 6/3 in another, 6/6 in another, and 15/15 in another. The day is only half over.

I would be so grateful if someone could help me. Thank you, kindly.

~Kat~


DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Kat at 15:09:19.99 on Sun 12/12/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8188.5883 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Dell\OSD\DellOSDservice.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\components\scheduler\stservice.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Kat\Desktop\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Kat\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_Mp3Tube_homepage&prt=pinballtb04ie&clid=8177b6fbaf7c4a9c87bf10ac7d0bf250
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: ShopperReports: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No File
EB: ShopperReports Price Comparison: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [ShwiconXP6366] c:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1"
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [FAStartup]
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - {7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.627.0\ClickPotatoLiteSABHO.dll
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: FastAccess - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll
LSA: Notification Packages = scecli FAPassSync
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No File
EB-X64: {A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
mRun-x64: [RunDLLEntry_THXCfg] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
mRun-x64: [RunDLLEntry_EptMon] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
mRun-x64: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj"
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Kat\AppData\Roaming\Mozilla\Firefox\Profiles\ze07d082.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: C:\Users\Kat\AppData\Roaming\Mozilla\Firefox\Profiles\ze07d082.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: C:\Users\Kat\AppData\Roaming\Mozilla\Firefox\Profiles\ze07d082.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox
FF - Ext: AVG Security Toolbar em:version=6.010.023.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: FacePAD: Facebook Photo Album Downloader: facepad@lazyrussian.com - %profile%\extensions\facepad@lazyrussian.com
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

---- FIREFOX POLICIES ----
FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - user.js: keyword.enabled - 1

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-4 55280]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-22 203264]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [2010-12-12 67584]
R2 DellOSDservice;DellOSDservice;C:\Program Files\Dell\OSD\DellOSDservice.exe [2010-7-5 7168]
R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-4-4 2409800]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-8 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-11-4 689472]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-9-22 6858240]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-9-22 264192]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;C:\Windows\System32\drivers\AVerPola.sys [2010-9-22 371072]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 157264]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-9-22 20984]
R3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
R3 nuviocir;Nuvoton W836x7HG CIR Device Driver;C:\Windows\System32\drivers\nuviocir_win7_x64.sys [2010-11-4 33792]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-9-22 344680]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2010/11/04 15:23:22;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2010-4-26 232944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-12-8 517448]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-8 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-8 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

=============== Created Last 30 ================

2010-12-12 18:39:05 -------- d-----w- C:\Users\Kat\AppData\Local\Safe mirror
2010-12-12 18:38:36 -------- d-----w- C:\Program Files (x86)\Cobian Backup 10
2010-12-12 06:16:00 -------- d-----w- C:\Users\Kat\AppData\Local\Google
2010-12-10 19:14:52 -------- d-----w- C:\Users\Kat\AppData\Roaming\Macrovision
2010-12-10 18:43:20 -------- d-----w- C:\Users\Kat\AppData\Local\Dell Edoc Viewer
2010-12-10 06:56:00 -------- d-----w- C:\Program Files (x86)\ConvertHelper
2010-12-10 06:50:21 -------- d-----w- C:\Users\Kat\dwhelper
2010-12-09 23:56:54 -------- d--h--w- C:\$AVG
2010-12-09 10:43:47 -------- d-----w- C:\Program Files (x86)\ResultBar
2010-12-09 10:43:47 -------- d-----w- C:\PROGRA~3\ResultBar
2010-12-09 10:43:39 -------- d-----w- C:\Program Files (x86)\Blinkx
2010-12-09 10:43:30 -------- d-----w- C:\Users\Kat\AppData\Roaming\ClickPotatoLite
2010-12-09 10:43:30 -------- d-----w- C:\Program Files (x86)\ClickPotatoLite
2010-12-09 10:43:30 -------- d-----w- C:\PROGRA~3\ClickPotatoLiteSA
2010-12-09 10:43:20 -------- d-----w- C:\Users\Kat\AppData\Roaming\ShopperReports3
2010-12-09 10:43:20 -------- d-----w- C:\Program Files (x86)\ShopperReports3
2010-12-08 22:36:46 -------- d-----w- C:\Windows\en
2010-12-08 22:35:03 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2010-12-08 22:34:18 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
2010-12-08 22:34:08 -------- d-----w- C:\Program Files (x86)\Bing Bar Installer
2010-12-08 22:34:06 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2010-12-08 22:34:06 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2010-12-08 22:34:06 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2010-12-08 22:34:06 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2010-12-08 22:34:03 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2010-12-08 22:34:03 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2010-12-08 22:04:14 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8e59b3d1cb97232d\InstallManager_WLE_WLE.exe
2010-12-08 22:03:54 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cd8d63361cb972322\MeshBetaRemover.exe
2010-12-08 22:03:38 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c3ce20ad1cb97231a\DXSETUP.exe
2010-12-08 22:03:37 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c3ce20ad1cb97231a\DSETUP.dll
2010-12-08 22:03:37 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c3ce20ad1cb97231a\dsetup32.dll
2010-12-08 22:03:36 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c28f81831cb972319\DSETUP.dll
2010-12-08 22:03:36 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c28f81831cb972319\DXSETUP.exe
2010-12-08 22:03:36 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c28f81831cb972319\dsetup32.dll
2010-12-08 22:02:52 -------- d-----w- C:\Users\Kat\AppData\Local\Windows Live
2010-12-08 22:02:32 4068864 ----a-w- C:\Windows\System32\mf.dll
2010-12-08 22:02:32 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
2010-12-08 22:02:32 206848 ----a-w- C:\Windows\System32\mfps.dll
2010-12-08 22:02:32 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
2010-12-08 22:02:32 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2010-12-08 22:02:32 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2010-12-08 22:02:31 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
2010-12-08 22:02:03 -------- d-----w- C:\Windows\SysWow64\Wat
2010-12-08 22:02:02 -------- d-----w- C:\Windows\System32\Wat
2010-12-08 21:41:37 -------- d-----w- C:\Windows\SysWow64\Adobe
2010-12-08 16:07:00 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-12-08 16:07:00 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-12-08 16:07:00 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-12-08 16:07:00 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-12-08 16:07:00 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-12-08 16:07:00 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-12-08 16:07:00 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-12-08 16:07:00 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-12-08 16:07:00 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-12-08 16:07:00 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-12-08 16:01:37 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2010-12-08 16:00:40 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-12-08 13:51:35 -------- d-----w- C:\Users\Kat\AppData\Local\AVG Security Toolbar
2010-12-08 13:40:21 -------- d-----w- C:\Users\Kat\AppData\Roaming\AVG10
2010-12-08 13:39:11 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{8D928DA0-4FA1-4992-B198-E83B94CA0BC9}\mpengine.dll
2010-12-08 13:39:11 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-12-08 13:39:07 -------- d--h--w- C:\PROGRA~3\Common Files
2010-12-08 13:39:02 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar
2010-12-08 13:38:52 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2010-12-08 13:38:35 -------- d-----w- C:\Windows\System32\drivers\AVG
2010-12-08 13:38:35 -------- d-----w- C:\PROGRA~3\AVG10
2010-12-08 13:36:46 -------- d-----w- C:\Program Files (x86)\AVG
2010-12-08 13:20:38 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-08 13:02:07 -------- d-----w- C:\Users\Kat\AppData\Local\Mozilla
2010-12-08 12:44:24 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2010-12-08 12:44:24 -------- d-----w- C:\PROGRA~3\Spybot - Search & Destroy
2010-12-08 12:11:24 -------- d-----w- C:\Users\Kat\My Backup Files
2010-12-08 12:08:17 -------- d-sh--w- C:\System Recovery
2010-12-08 12:07:47 -------- d-----w- C:\Users\Kat\AppData\Local\Dell
2010-12-08 12:06:58 -------- d-----w- C:\Users\Kat\AppData\Roaming\Dell
2010-12-08 12:06:56 -------- d-----w- C:\Users\Kat\AppData\Local\DataSafeOnline
2010-12-08 12:06:52 -------- d-----w- C:\Users\Kat\AppData\Local\ATI
2010-12-08 12:06:51 -------- d-----w- C:\Users\Kat\AppData\Local\SupportSoft
2010-12-08 12:06:48 -------- d-----w- C:\Users\Kat\AppData\Roaming\Dell Touch Zone

==================== Find3M ====================

2010-11-10 06:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-11-04 21:37:54 0 ----a-w- C:\Windows\ativpsrm.bin
2010-11-04 20:22:20 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2010-11-04 19:55:27 455680 ----a-w- C:\Windows\System32\deployJava1.dll
2010-09-23 08:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 08:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 22:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 22:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 12:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-13 23:28:00 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys

============= FINISH: 15:09:58.52 ===============


Attached File  Attach.zip   2.11KB   4 downloads
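
The DDS log in the post above shows the ClickPotatoLite, ShopperReports3, Blinkx and ResultBar folders all created within 27 seconds of each other on 2010-12-09. As an added example (not part of the original post or of any tool used in this thread), the following Python groups "Created Last 30" entries into creation bursts, lists everything dropped alongside a named program, and then finds the browser load points that reference those names; the 15-second gap threshold and all function names are assumptions, and the sample lines are a subset copied from the log.

```python
import re
from collections import namedtuple
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Subset of the "Created Last 30" section, copied from the DDS log in the post.
CREATED = r"""
2010-12-10 06:56:00 -------- d-----w- C:\Program Files (x86)\ConvertHelper
2010-12-10 06:50:21 -------- d-----w- C:\Users\Kat\dwhelper
2010-12-09 23:56:54 -------- d--h--w- C:\$AVG
2010-12-09 10:43:47 -------- d-----w- C:\Program Files (x86)\ResultBar
2010-12-09 10:43:47 -------- d-----w- C:\PROGRA~3\ResultBar
2010-12-09 10:43:39 -------- d-----w- C:\Program Files (x86)\Blinkx
2010-12-09 10:43:30 -------- d-----w- C:\Users\Kat\AppData\Roaming\ClickPotatoLite
2010-12-09 10:43:30 -------- d-----w- C:\Program Files (x86)\ClickPotatoLite
2010-12-09 10:43:30 -------- d-----w- C:\PROGRA~3\ClickPotatoLiteSA
2010-12-09 10:43:20 -------- d-----w- C:\Users\Kat\AppData\Roaming\ShopperReports3
2010-12-09 10:43:20 -------- d-----w- C:\Program Files (x86)\ShopperReports3
2010-12-08 22:36:46 -------- d-----w- C:\Windows\en
2010-12-08 22:35:03 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2010-12-08 22:34:18 -------- d-----w- C:\Program Files (x86)\MSN Toolbar
"""

# Subset of the "Pseudo HJT Report" and "FIREFOX" sections, copied from the same log.
HOOKS = r"""
BHO: ShopperReports: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - C:\Program Files (x86)\ShopperReports3\bin\3.0.517.0\ShopperReports.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
IE: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - {7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.627.0\ClickPotatoLiteSABHO.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
"""

Entry = namedtuple("Entry", "when size attrs path")
# <date time> <size or dashes> <8-char attribute field> <path, may contain spaces>
LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (\S+) (\S{8}) (.+)$")


def parse_created(text):
    """Parse 'Created Last 30' lines into entries sorted oldest first."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip blank lines and section headers
        when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        entries.append(Entry(when, m.group(2), m.group(3), m.group(4)))
    return sorted(entries, key=lambda e: e.when)


def bursts(entries, max_gap=timedelta(seconds=15)):
    """Split sorted entries into runs where consecutive items are <= max_gap apart."""
    groups = []
    for e in entries:
        if groups and e.when - groups[-1][-1].when <= max_gap:
            groups[-1].append(e)
        else:
            groups.append([e])
    return groups


def co_installed(entries, seed, max_gap=timedelta(seconds=15)):
    """Folder names created in the same burst as any path containing `seed`."""
    names = set()
    for group in bursts(entries, max_gap):
        if any(seed.lower() in e.path.lower() for e in group):
            # attrs starting with 'd' marks a directory in DDS output
            names.update(PureWindowsPath(e.path).name
                         for e in group if e.attrs.startswith("d"))
    return sorted(names)


def load_points(hook_text, names):
    """Log lines (BHO, IE extension, Firefox plugin) that reference any name."""
    lowered = [n.lower() for n in names]
    return [line.strip() for line in hook_text.splitlines()
            if line.strip() and any(n in line.lower() for n in lowered)]


if __name__ == "__main__":
    bundle = co_installed(parse_created(CREATED), "ClickPotato")
    print("Created in the same burst:", bundle)
    for hit in load_points(HOOKS, bundle):
        print("Load point:", hit)
```

Folders from the burst with no matching load point in these sections (Blinkx and ResultBar here) still need checking against the rest of the log, such as services and Run keys.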



#2 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  • Gender:Male
  • Location:The Collective
  • Local time:12:03 PM

Posted 21 December 2010 - 03:57 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

We need to create an OTL Report

  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Best Regards,
oneof4.



#3 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  • Gender:Male
  • Location:The Collective
  • Local time:12:03 PM

Posted 24 December 2010 - 10:17 PM

Three day bump...

Are you still with us?

Best Regards,
oneof4.


#4 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:11:03 AM

Posted 30 December 2010 - 10:42 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.
Proud member - Unified Network of Instructors and Trained Eliminators

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when you're gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#5 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  • Gender:Male
  • Local time:11:03 AM

Posted 06 January 2011 - 09:03 AM

Reopened per user request.....

Hi and welcome to the Virus/Trojan/Spyware/Malware Removal forum,

I am thcbytes and I am here to help you!

I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Please perform all steps in the order received and do not proceed if you need clarification.

Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.

In the upper right hand corner of the topic you will see a button called Watch this topic. Click on this then choose Immediate E-Mail notification and then Proceed and you will be advised when I respond to your topic by email.

After 5 days, if your topic has not been replied to, I will assume it has been abandoned and I will close it.

I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please be courteous and appreciative for the assistance provided!

Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.

==========

Uninstall AVG.

This is necessary so that I can get my tools to run. Please limit the use of this computer to only the steps I recommend until we can get another AV installed!

Click "start" on the taskbar and then click on the "Control Panel" icon.
Please double-click the "Add or Remove Programs" icon.
A list of installed programs will be "populated"; this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "remove":

AVG

Additional instructions can be found here if needed.

Next...

Download and run AppRemover.
http://www.appremover.com/

==========

Download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

==========



Please download ComboFix from one of these locations:

Link 1
Link 2

Save it to your Desktop <-- Important!!!

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Please refer to this link for instructions.

  • Right click it and run as admin & follow the prompts.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


How is your computer running now? What problems remain?

Regards,
thcbytes

#6 kattalksalot


Posted 08 January 2011 - 11:42 PM

Oh geeze, I thought I already posted this. Okay, well, I thank you, first of all, for your help, all who are helpful on this site which is just awesome! :thumbup2: And I did run the programs and delete my anti-virus, etc, as instructed and in the order instructed. I hope I did everything right. My computer, right now, is in a disturbing state, for me. Seeing as it is one month old, today, this sucks. How did this happen to me? (Redundant, N/M) But, according to Spybot this morning and yesterday, I also have virtumonde virus in its workings... and all the other stuff like ShopperReports3, click potato, etc.. Anyway, here are the logs from the programs I ran today. Thank you, again for your patience with me and here we go:

2011/01/08 09:42:20.0452 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/08 09:42:20.0452 ================================================================================
2011/01/08 09:42:20.0452 SystemInfo:
2011/01/08 09:42:20.0452
2011/01/08 09:42:20.0452 OS Version: 6.1.7600 ServicePack: 0.0
2011/01/08 09:42:20.0452 Product type: Workstation
2011/01/08 09:42:20.0452 ComputerName: KAT-PC
2011/01/08 09:42:20.0452 UserName: Kat
2011/01/08 09:42:20.0452 Windows directory: C:\Windows
2011/01/08 09:42:20.0452 System windows directory: C:\Windows
2011/01/08 09:42:20.0452 Running under WOW64
2011/01/08 09:42:20.0452 Processor architecture: Intel x64
2011/01/08 09:42:20.0453 Number of processors: 4
2011/01/08 09:42:20.0453 Page size: 0x1000
2011/01/08 09:42:20.0453 Boot type: Normal boot
2011/01/08 09:42:20.0453 ================================================================================
2011/01/08 09:42:20.0453 Utility is running under WOW64
2011/01/08 09:42:20.0799 Initialize success
2011/01/08 09:42:29.0722 ================================================================================
2011/01/08 09:42:29.0722 Scan started
2011/01/08 09:42:29.0722 Mode: Manual;
2011/01/08 09:42:29.0722 ================================================================================
2011/01/08 09:42:38.0241 ================================================================================
2011/01/08 09:42:38.0241 Scan finished
2011/01/08 09:42:38.0241 ================================================================================



ComboFix 11-01-07.02 - Kat 01/08/2011 10:54:10.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8188.6112 [GMT -8:00]
Running from: c:\users\Kat\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files (x86)\ResultBar
c:\programdata\PCDr\5744\Downloads\4b383fe0-07a2-4239-92b0-7200db829d58.dll
c:\programdata\PCDr\5744\Downloads\5a6257cc-a15e-41eb-b891-52f7e087b40f.dll
c:\programdata\PCDr\5744\Downloads\c229b02b-4e01-43e4-9587-37961f6873bc.dll
c:\programdata\PCDr\5744\Downloads\d242df42-c817-4c92-8e27-a770772ec980.dll
c:\programdata\PCDr\5744\Downloads\ef253e79-80d5-4656-b429-008ec2e1d22e.dll
c:\programdata\PCDr\5744\Downloads\fbaabbe1-30af-47f6-a8e1-dfd8bbc2f468.dll
c:\programdata\ResultBar
c:\users\Kat\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A9584411-107E-4D3C-9198-CB47803B3BD9}.xps
c:\users\Kat\AppData\Roaming\EurekaLog
c:\users\Kat\AppData\Roaming\Local
c:\users\Kat\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi
c:\users\Kat\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr
c:\users\Kat\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Kat\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx
c:\users\Kat\AppData\Roaming\ShopperReports3
c:\users\Kat\GoToAssistDownloadHelper.exe

.
((((((((((((((((((((((((( Files Created from 2010-12-08 to 2011-01-08 )))))))))))))))))))))))))))))))
.

2011-01-08 18:58 . 2011-01-08 18:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-07 17:13 . 2011-01-07 17:13 -------- d-----w- c:\program files\ATI Technologies
2011-01-07 17:06 . 2011-01-07 17:06 -------- d-----w- c:\program files\ATI
2011-01-07 17:05 . 2011-01-07 17:05 -------- d-----w- C:\AMD
2011-01-07 01:54 . 2011-01-07 01:54 -------- d-----w- c:\users\Kat\AppData\Local\Apple Computer
2011-01-06 21:32 . 2011-01-08 18:59 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2011-01-06 20:31 . 2009-06-08 00:25 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2011-01-06 20:31 . 2009-06-08 00:16 819200 ----a-w- c:\windows\SysWow64\xvidcore.dll
2011-01-06 20:31 . 2011-01-06 20:31 -------- d-----w- c:\program files (x86)\Xvid
2011-01-06 20:31 . 2009-06-08 00:24 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2011-01-06 11:00 . 2010-11-01 22:59 2381824 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-01-06 11:00 . 2010-11-01 23:03 1448448 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-01-05 21:22 . 2011-01-05 21:22 -------- d-----w- c:\users\Kat\AppData\Roaming\DivX
2011-01-05 21:22 . 2011-01-05 21:22 -------- d-----w- c:\program files\DivX
2011-01-05 21:21 . 2011-01-05 21:21 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2011-01-05 21:16 . 2011-01-05 21:22 -------- d-----w- c:\program files (x86)\DivX
2011-01-05 20:57 . 2011-01-05 21:22 -------- d-----w- c:\programdata\DivX
2011-01-05 20:55 . 2011-01-06 22:31 -------- d-----w- c:\users\Kat\AppData\Roaming\vlc
2011-01-05 20:54 . 2011-01-05 20:54 -------- d-----w- c:\program files (x86)\VideoLAN
2011-01-05 20:33 . 2011-01-05 20:33 -------- d-----w- c:\users\Kat\AppData\Roaming\Apple Computer
2011-01-05 12:02 . 2011-01-05 12:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-01-04 22:27 . 2010-08-16 06:14 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-04 22:27 . 2010-08-16 06:14 737280 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-04 22:27 . 2010-08-16 06:14 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-04 22:27 . 2010-08-16 06:14 1076224 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-01-04 22:27 . 2010-05-09 09:15 279552 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-01-04 22:27 . 2010-05-09 09:15 135168 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-04 22:26 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2011-01-04 22:26 . 2011-01-06 11:00 -------- d-----w- c:\program files (x86)\Feedback Tool
2011-01-04 10:56 . 2011-01-04 10:56 -------- d-----w- c:\program files\Dell Support Center
2011-01-04 10:50 . 2011-01-04 10:54 -------- d-----w- c:\users\Kat\AppData\Roaming\PCDr
2011-01-03 23:26 . 2011-01-03 23:26 119808 ----a-w- c:\program files (x86)\Mozilla Firefox\components\GoogleDesktopMozilla.dll
2011-01-03 17:03 . 2011-01-05 21:20 -------- d-----w- c:\program files (x86)\Google
2011-01-03 04:28 . 2011-01-03 04:28 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-01-03 04:28 . 2011-01-03 04:28 -------- d-----w- c:\users\Kat\AppData\Local\Apple
2011-01-03 04:28 . 2011-01-03 04:28 -------- d-----w- c:\programdata\Apple
2011-01-03 04:28 . 2011-01-03 04:28 -------- d-----w- c:\program files (x86)\Apple Software Update
2010-12-31 18:06 . 2010-12-31 18:06 11776 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nprjplug.dll
2010-12-31 18:06 . 2010-12-31 18:06 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2010-12-31 18:06 . 2010-12-31 18:06 151776 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2010-12-31 18:06 . 2010-12-31 18:06 100352 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
2010-12-31 18:06 . 2010-12-31 18:06 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2010-12-31 18:06 . 2010-12-31 18:06 -------- d-----w- c:\program files (x86)\Real
2010-12-29 07:50 . 2011-01-06 22:46 -------- d-----w- c:\users\Kat\AppData\Roaming\QuickScan
2010-12-27 16:47 . 2010-12-27 16:47 -------- d-----w- c:\users\Kat\AppData\Local\PackageAware
2010-12-25 18:25 . 2010-12-25 18:25 -------- d-----w- c:\windows\SysWow64\Dell
2010-12-24 06:49 . 2010-11-16 20:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34CACCCE-68F6-42FF-BB32-507128017352}\mpengine.dll
2010-12-24 05:19 . 2010-12-25 17:15 -------- d-----w- c:\programdata\Dl_cats
2010-12-23 19:46 . 2010-12-23 19:46 -------- d-----w- c:\programdata\Citrix
2010-12-23 18:22 . 2011-01-04 10:28 -------- d-----w- c:\users\Kat\AppData\Local\Diagnostics
2010-12-21 21:00 . 2010-12-25 18:31 -------- d-----w- c:\users\Kat\AppData\Local\Deployment
2010-12-21 21:00 . 2010-12-21 21:00 -------- d-----w- c:\users\Kat\AppData\Local\Apps
2010-12-20 23:42 . 2010-12-20 23:42 -------- d-sh--w- c:\programdata\System Restore
2010-12-19 23:45 . 2010-12-19 23:47 -------- dc----w- c:\users\Kat\AppData\Local\MigWiz
2010-12-18 11:00 . 2010-12-18 11:00 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2010-12-17 23:20 . 2010-12-17 23:20 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2010-12-17 23:19 . 2010-12-17 23:19 -------- d-----w- c:\users\Kat\AppData\Local\Microsoft Help
2010-12-17 23:19 . 2010-12-19 03:19 -------- d-----w- c:\programdata\Microsoft Help
2010-12-17 23:19 . 2010-12-17 23:19 -------- d-----r- C:\MSOCache
2010-12-16 23:36 . 2010-12-16 23:36 -------- d-----w- c:\users\Kat\AppData\Local\Windows Live Writer
2010-12-16 23:36 . 2010-12-16 23:36 -------- d-----w- c:\users\Kat\AppData\Roaming\Windows Live Writer
2010-12-16 21:52 . 2010-12-16 21:52 -------- d-----w- c:\users\Kat\AppData\Roaming\BitZipper
2010-12-16 21:52 . 2010-12-16 21:52 -------- d-----w- c:\program files (x86)\BitZipper
2010-12-16 01:30 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2010-12-16 01:30 . 2010-11-02 04:40 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2010-12-16 01:30 . 2010-11-02 04:40 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2010-12-16 01:30 . 2010-11-02 04:34 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2010-12-16 01:30 . 2010-11-02 04:34 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2010-12-16 01:30 . 2010-10-20 04:54 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2010-12-16 01:30 . 2010-10-20 02:58 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2010-12-16 01:30 . 2010-10-16 04:36 314368 ----a-w- c:\windows\SysWow64\webio.dll
2010-12-16 01:30 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-16 01:30 . 2010-10-12 05:00 516096 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-16 01:30 . 2010-10-12 04:25 516096 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
2010-12-14 02:24 . 2010-12-14 04:25 -------- d-----w- c:\users\Kat\AppData\Roaming\AVG
2010-12-13 17:52 . 2010-12-13 17:52 -------- d-----w- c:\users\Kat\AppData\Local\Powercinema
2010-12-13 17:51 . 2010-12-13 17:52 -------- d-----w- c:\users\Kat\AppData\Roaming\CyberLink
2010-12-13 14:17 . 2010-12-14 14:57 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2010-12-13 14:17 . 2010-12-14 14:46 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-12-13 12:39 . 2011-01-04 10:29 -------- d-----w- c:\users\Kat\AppData\Local\ElevatedDiagnostics
2010-12-13 06:42 . 2010-12-13 06:42 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-3\Microsoft.MediaCenter.Sports.UI.dll
2010-12-13 06:42 . 2010-12-13 06:42 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-3\markup.dll
2010-12-13 06:21 . 2010-12-14 02:17 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-12-13 06:21 . 2010-12-13 06:21 -------- d-----w- c:\program files\PlayReady
2010-12-13 06:04 . 2010-12-14 02:28 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2010-12-13 06:03 . 2010-12-14 02:18 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-12-13 06:03 . 2010-12-14 14:46 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-12-13 06:03 . 2010-12-13 06:03 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-12 18:39 . 2010-12-12 18:39 -------- d-----w- c:\users\Kat\AppData\Local\Safe mirror
2010-12-12 18:38 . 2010-12-12 18:38 -------- d-----w- c:\program files (x86)\Cobian Backup 10
2010-12-12 06:16 . 2011-01-05 21:23 -------- d-----w- c:\users\Kat\AppData\Local\Google
2010-12-10 19:14 . 2010-12-10 19:14 -------- d-----w- c:\users\Kat\AppData\Roaming\Macrovision
2010-12-10 18:43 . 2010-12-10 18:43 -------- d-----w- c:\users\Kat\AppData\Local\Dell Edoc Viewer
2010-12-10 06:56 . 2010-12-10 06:56 -------- d-----w- c:\program files (x86)\ConvertHelper
2010-12-10 06:50 . 2010-12-10 06:50 -------- d-----w- c:\users\Kat\dwhelper

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-30 01:38 . 2010-11-30 01:38 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2010-11-30 01:38 . 2010-11-30 01:38 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\SysWow64\dpl100.dll
2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-04 22:23 . 2010-11-04 22:23 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2010-11-04 22:23 . 2010-11-04 22:23 91648 ----a-w- c:\windows\SysWow64\avifil32.dll
2010-11-04 22:23 . 2010-11-04 22:23 84480 ----a-w- c:\windows\SysWow64\mciavi32.dll
2010-11-04 22:23 . 2010-11-04 22:23 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2010-11-04 22:23 . 2010-11-04 22:23 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2010-11-04 22:23 . 2010-11-04 22:23 50176 ----a-w- c:\windows\SysWow64\iyuv_32.dll
2010-11-04 22:23 . 2010-11-04 22:23 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2010-11-04 22:23 . 2010-11-04 22:23 3955080 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2010-11-04 22:23 . 2010-11-04 22:23 3899784 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2010-11-04 22:23 . 2010-11-04 22:23 34816 ----a-w- c:\windows\SysWow64\msasn1.dll
2010-11-04 22:23 . 2010-11-04 22:23 31744 ----a-w- c:\windows\SysWow64\msvidc32.dll
2010-11-04 22:23 . 2010-11-04 22:23 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-11-04 22:23 . 2010-11-04 22:23 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2010-11-04 22:23 . 2010-11-04 22:23 22016 ----a-w- c:\windows\SysWow64\msyuv.dll
2010-11-04 22:23 . 2010-11-04 22:23 2048 ----a-w- c:\windows\SysWow64\user.exe
2010-11-04 22:23 . 2010-11-04 22:23 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2010-11-04 22:23 . 2010-11-04 22:23 13312 ----a-w- c:\windows\SysWow64\msrle32.dll
2010-11-04 22:23 . 2010-11-04 22:23 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2010-11-04 22:23 . 2010-11-04 22:23 12288 ----a-w- c:\windows\SysWow64\tsbyuv.dll
2010-11-04 22:23 . 2010-11-04 22:23 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
2010-11-04 22:23 . 2010-11-04 22:23 2870272 ----a-w- c:\windows\explorer.exe
2010-11-04 22:23 . 2010-11-04 22:23 2614272 ----a-w- c:\windows\SysWow64\explorer.exe
2010-11-04 22:23 . 2010-11-04 22:23 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-11-04 22:23 . 2010-11-04 22:23 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-11-04 22:23 . 2010-11-04 22:23 85504 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll
2010-11-04 22:23 . 2010-11-04 22:23 85504 ----a-w- c:\windows\SysWow64\secproc_ssp.dll
2010-11-04 22:23 . 2010-11-04 22:23 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2010-11-04 22:23 . 2010-11-04 22:23 369152 ----a-w- c:\windows\SysWow64\secproc.dll
2010-11-04 22:23 . 2010-11-04 22:23 320512 ----a-w- c:\windows\SysWow64\RMActivate.exe
2010-11-04 22:23 . 2010-11-04 22:23 280064 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2010-11-04 22:23 . 2010-11-04 22:23 277504 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2010-11-04 22:23 . 2010-11-04 22:23 1289528 ----a-w- c:\windows\SysWow64\ntdll.dll
2010-11-04 22:23 . 2010-11-04 22:23 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2010-11-04 22:23 . 2010-11-04 22:23 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-11-04 22:23 . 2010-11-04 22:23 324608 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2010-11-04 22:23 . 2010-11-04 22:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2010-11-04 22:23 . 2010-11-04 22:23 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll
2010-11-04 22:23 . 2010-11-04 22:23 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2010-11-04 22:23 . 2010-11-04 22:23 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-11-04 22:23 . 2010-11-04 22:23 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-11-04 22:23 . 2010-11-04 22:23 1233920 ----a-w- c:\windows\SysWow64\msxml3.dll
2010-11-04 22:23 . 2010-11-04 22:23 86528 ----a-w- c:\windows\SysWow64\isoburn.exe
2010-11-04 22:23 . 2010-11-04 22:23 488448 ----a-w- c:\windows\SysWow64\evr.dll
2010-11-04 22:23 . 2010-11-04 22:23 292864 ----a-w- c:\windows\SysWow64\mfds.dll
2010-11-04 22:23 . 2010-11-04 22:23 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2010-11-04 20:22 . 2010-11-04 20:22 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ShwiconXP6366"="c:\program files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe" [2009-07-17 237568]
"UCam_Menu"="c:\program files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-14 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-04-26 75048]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2010-04-04 95560]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-01-03 30192]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-10-15 498160]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCANetwork"= 1 (0x1)
"HideSCABattery"= 1 (0x1)
"DisableThumbnailsOnNetworkFolders"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-04-04 19:43 144712 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"wave"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"UpdReg"=c:\windows\UpdReg.EXE

R2 CLKMSVC10_9EC60124;CyberLink Product - 2010/11/04 15:23;c:\program files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2010-04-26 232944]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 dleaCATSCustConnectService;dleaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [2010-05-22 45224]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 136176]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-01-03 30192]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2010-11-18 25072]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-08 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-06-20 203264]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
S2 DellOSDservice;DellOSDservice;c:\program files\Dell\OSD\DellOSDservice.exe [2010-07-06 7168]
S2 dlea_device;dlea_device;c:\windows\system32\dleacoms.exe [2010-05-22 1052328]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-04-04 2409800]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-06-20 6858240]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-06-20 264192]
S3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys [2010-03-24 371072]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2010-02-02 20984]
S3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;c:\windows\system32\DRIVERS\nuviocir_win7_x64.sys [2010-07-14 33792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]


--- Other Services/Drivers In Memory ---

*Deregistered* - CLKMDRV10_9EC60124
.
Contents of the 'Scheduled Tasks' folder

2011-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 17:03]

2011-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 17:03]

2011-01-04 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13]

2011-01-07 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF32456.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2010-02-02 5712896]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2010-12-13 4775176]
"dleamon.exe"="c:\program files (x86)\Dell V310-V510 Series\dleamon.exe" [2010-08-09 770728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title = Use Firefox instead
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxps://support.dell.com/systemprofiler/DellSystemLite.CAB
FF - ProfilePath - c:\users\Kat\AppData\Roaming\Mozilla\Firefox\Profiles\ze07d082.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Screengrab: {02450954-cdd9-410f-b1da-db804e18c671} - %profile%\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
FF - Ext: StumbleUpon: {AE93811A-5C9A-4d34-8462-F7B864FC4696} - %profile%\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: ReminderFox: {ada4b710-8346-4b82-8199-5de2b400a6ae} - %profile%\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
FF - Ext: FlashVideoReplacer: flvideoreplacer@lovinglinux.megabyet.net - %profile%\extensions\flvideoreplacer@lovinglinux.megabyet.net
FF - Ext: CheckPlaces: checkplaces@andyhalford.com - %profile%\extensions\checkplaces@andyhalford.com
FF - Ext: Print Edit: printedit@DW-dev - %profile%\extensions\printedit@DW-dev
FF - Ext: Unhide Passwords: {2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0} - %profile%\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}
FF - Ext: CheckFox: {BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87} - %profile%\extensions\{BAEC7B80-9A31-47b2-A68B-DCAC8DF48E87}
FF - Ext: Print It!: printit@GMPOWER.com - %profile%\extensions\printit@GMPOWER.com
FF - Ext: Xmarks: foxmarks@kei.com - %profile%\extensions\foxmarks@kei.com
FF - Ext: Image Zoom: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68} - %profile%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - Ext: QuickNote: {C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9} - %profile%\extensions\{C0CB8BA3-6C1B-47e8-A6AB-1FAB889562D9}
FF - Ext: Dictionary Tooltip: {C6128004-4838-4708-9A97-BB172D17767D} - %profile%\extensions\{C6128004-4838-4708-9A97-BB172D17767D}
FF - Ext: BrowserProtect: browserprotect@browserprotect.com - %profile%\extensions\browserprotect@browserprotect.com
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Flash Video Resources Downloader: max@subfighter.com - %profile%\extensions\max@subfighter.com
FF - Ext: ScrapBook: {53A03D43-5363-4669-8190-99061B2DEBA5} - %profile%\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}: {b9bfaf1c-a63f-47cd-8b9a-29526ced9060} - %profile%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}
FF - Ext: TweakTube: {15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed} - %profile%\extensions\{15e67a59-bd3d-49ae-90dd-b3d3fd14c2ed}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Google Image Help: googleimagehelp@shivam.org - %profile%\extensions\googleimagehelp@shivam.org
FF - Ext: Customize Titlebar: titlebar@sidthemonkey.com - %profile%\extensions\titlebar@sidthemonkey.com
FF - Ext: Locator: {05f6a7ea-896b-11da-8bde-f66bad1e3fff} - %profile%\extensions\{05f6a7ea-896b-11da-8bde-f66bad1e3fff}
FF - Ext: Clip to OneNote: {966762eb-7132-4081-ac70-20d20161ad96} - %profile%\extensions\{966762eb-7132-4081-ac70-20d20161ad96}
FF - Ext: IE Tab 2 (FF 3.6+): {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} - %profile%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
FF - user.js: keyword.URL - hxxp://mp3tubetoolbarsearch.com/?prt=pinballtb02ff&Keywords=
FF - user.js: keyword.enabled - 1
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-FAStartup - (no file)
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3196480253-1050813108-209535207-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-3196480253-1050813108-209535207-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
c:\program files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
c:\program files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-01-08 11:23:48 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-08 19:23

Pre-Run: 934,555,750,400 bytes free
Post-Run: 933,894,520,832 bytes free

- - End Of File - - AEA271D768B8E7DB38568B8AD977166C

***************************************
***************************************

By the way... when all this is finished, you will tell me if I should delete these d/l'd programs from today off my pc, right? Thank you in advance.




#7 thcbytes

  • Malware Response Team
  • 14,790 posts
  • Gender:Male
  • Local time:11:03 AM

Posted 09 January 2011 - 03:12 PM

Hello,

We need to disable Spybot S&D's "TeaTimer".
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half-finished fix, we need to disable TeaTimer. We can re-enable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Posted Image and then on "Advanced Mode"
    Posted Image
  • You may be presented with a warning dialog. If so, press Posted Image
  • Click on Posted Image
  • Click on Posted Image
  • Uncheck this checkbox:
    Posted Image
  • Close/Exit Spybot Search and Destroy

==========

Right click and delete Combofix from your desktop.



Please download ComboFix from one of these locations:

Link 1
Link 2

Save it to your Desktop <-- Important!!!

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Please refer to this link for instructions.

  • Right click it and run as admin & follow the prompts.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


==========

Please download Malwarebytes Anti-Malware and save it to your desktop.

alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

==========

Please download and install Microsoft Security Essentials
http://www.microsoft.com/security_essentials/

After successful installation please run a scan and alert me if there are any detections.

In order to post those detections please do this...

  • Please double click the MSE icon in the lower right system tray.
  • Click History
  • Maximize the screen
  • Highlight everything from "Category to Items"
  • Press Ctrl + C to copy
  • Right click and copy/paste the results here for my review like this...

Category: Worm

Description: This program is dangerous and self-propagates over a network connection.

Recommendation: Remove this software immediately.

Microsoft Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the 'Allow' action and click 'Apply actions'. If this option is not available, log on as administrator or ask the local administrator for help.

Items:
file:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{B04E09D2-291E-48C5-8B63-540F8072E110}-vundo.exe
webfile:C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{B04E09D2-291E-48C5-8B63-540F8072E110}-vundo.exe|http://www.bleepingcomputer.com/mrc/download.php?file=28359


==========

Please download SystemLook from one of the links below and save it to your Desktop.
http://jpshortstuff.247fixes.com/SystemLook_x64.exe
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :folderfind
    *ClickPotato*
    
    :regfind
    *ClickPotato*
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

==========

How is your computer running now? What specific problems remain?

Regards,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when you're gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#8 kattalksalot

Posted 09 January 2011 - 06:38 PM

Thank you. I deleted my entire spybot program already so it's gone. Now, I deleted Combofix then redownloaded it again, and ran it, but this is the error message I got, 4 times: PEV.cfxxe has stopped working correctly. A problem has caused the program to stop working correctly. Windows will close the program & notify you if a solution is available. (This message appeared 4 times in a row.) I then waited 20 mins to see if the program would indeed complete, but nothing happened. However, task manager still shows sed.cfxxe*32 as a running process and it also showed combo fix as running in applications. Not anymore though. And there is no log file I can find anywhere here. What should I do, please?

#9 kattalksalot

Posted 09 January 2011 - 07:47 PM

Should I wait till I can complete Combofix--when you tell me what to do--or run the rest now? I guess I will wait, hmm?

#10 thcbytes

Posted 09 January 2011 - 09:30 PM

Thanks for checking with me first.

Are you still seeing instances of Combofix running in the Task Manager? If so please kill them and tell me what happens. If not then just report it back here.

Go ahead and complete the other listed steps regardless.

#11 kattalksalot

Posted 09 January 2011 - 09:33 PM

ComboFix is no longer running in task manager. Not any of it, as far as I can tell. I will now run the rest of them. Thank you for clarification. = )

#12 thcbytes

Posted 09 January 2011 - 09:39 PM

:thumbup2:

#13 kattalksalot

Posted 10 January 2011 - 06:51 AM

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5493

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

1/9/2011 10:09:14 PM
mbam-log-2011-01-09 (22-09-14).txt

Scan type: Quick scan
Objects scanned: 157150
Time elapsed: 1 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 17
Registry Values Infected: 3
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeopen.com/?n=app&ext=%s) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\mozilla firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> Quarantined and deleted successfully.

*************************************************************************************************************************


Nothing detected by MS security essentials at all. So I have one more to run.
**************************************************************************************************************************

SystemLook 04.09.10 by jpshortstuff
Log created at 03:38 on 10/01/2011 by Kat
Administrator - Elevation successful

========== folderfind ==========

Searching for "*ClickPotato*"
No folders found.

========== regfind ==========

Searching for "*ClickPotato*"
No data found.

-= EOF =-

***Woo hoo hooo!! Yeah, baby! You are teh rockstar of computer stuff! I am a happy camper now. So, how did I get those, or a better question would be how do I keep from getting those again, please? What did I do wrong? And does this have anything to do with why I can't play any videos on Youtube anymore? Or is that probably something else I screwed up already? LOL Yikes. (By the way, I am already an organ donor. Thank you from the bottom of my heart for your help. How can you afford to do this everyday without getting paid? I am in awe. Really.)
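
A pasted log like the one in the post above can be checked mechanically before it is reviewed. The following Python is an added example, not part of the thread or of any tool used in it: it parses the MBAM 1.50 text layout shown above, confirms the database-version header is present, compares the summary counts with the entries actually listed, and flags items that were not quarantined. The sample log, its keys and family names, and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the layout of the MBAM log posted above; every key,
# path and family name is made up. The last entry is wrapped as in a forum paste.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.50.1.1100
Database version: 5493

Registry Keys Infected: 2
Registry Values Infected: 1
Files Infected: 1

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{00000000-0000-0000-0000-000000000001} (Adware.Example) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Example.Toolbar (Adware.Example) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Example\Run\updater (Hijacker.Example) -> Value: updater -> Quarantined and deleted successfully.

Files Infected:
c:\program files (x86)\example\plugin.
xml (Adware.Example) -> No action taken.
"""

SUMMARY = re.compile(r"^([A-Za-z ]+ Infected): (\d+)$")   # "Files Infected: 1"
HEADING = re.compile(r"^([A-Za-z ]+ Infected):$")         # "Files Infected:"
ENTRY = re.compile(r"^(.+?) \(([^()]+)\) -> (.+)$")       # item (Family) -> ...

def parse_mbam_log(text):
    """Return (declared counts, entries, problems) for a pasted MBAM log."""
    declared, entries, section, pending = {}, [], None, ""
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("(No malicious"):
            pending = ""
        elif m := SUMMARY.match(line):
            declared[m[1]] = int(m[2])
        elif m := HEADING.match(line):
            section, pending = m[1], ""
        elif section and (m := ENTRY.match(pending + line)):
            action = m[3].split(" -> ")[-1].rstrip(".")
            entries.append((section, m[1], m[2], action))
            pending = ""
        else:
            pending += line           # wrapped entry: join with the next line
    ok = "Database version:" in text
    problems = [] if ok else ["header missing: no database version"]
    listed = Counter(sec for sec, *_ in entries)
    for sec, count in declared.items():
        if listed[sec] != count:
            problems.append(f"{sec}: summary says {count}, {listed[sec]} listed")
    problems += [f"not removed: {item}" for _, item, _, action in entries
                 if action != "Quarantined and deleted successfully"]
    return declared, entries, problems

def families(entries):
    return Counter(family for _, _, family, _ in entries)

if __name__ == "__main__":
    print(families(parse_mbam_log(SAMPLE_LOG)[1]), parse_mbam_log(SAMPLE_LOG)[2])
```

An empty problem list means the paste is complete and every listed item was quarantined; a count mismatch usually means part of the log was cut off when copying.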


#14 thcbytes

Posted 10 January 2011 - 06:04 PM

You're welcome. :thumbup2:

> So, how did I get those, or a better question would be how do I keep from getting those again, please? What did I do wrong?

I will post some prevention steps when we are through. How it is that you got infected in the 1st place is difficult to determine. I will outline some safe internet practice suggestions soon.

> And does this have anything to do with why I can't play any videos on Youtube anymore? Or is that probably something else I screwed up already?

When you try to view YouTube what happens...exactly? Warning messages/error messages etc.

> I am already an organ donor.

:wink:

> How can you afford to do this everyday without getting paid?

It is my way of giving back. It is a pastime that I enjoy also.

==========

So let's continue...

Please re-open MBAM, press the update tab and then re-run it and post the log.

==========

Next..

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs
  • Turn off the real time scanner of any existing antivirus program while performing the online scan.

Regards,
thcbytes

#15 kattalksalot

Posted 13 January 2011 - 08:54 AM



No threats found.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5501

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

1/10/2011 7:53:56 PM
mbam-log-2011-01-10 (19-53-56).txt

Scan type: Quick scan
Objects scanned: 157769
Time elapsed: 1 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

************************************************************

ESET (No threats found; No report available to copy)

No threats found.
Scanned files: 113431
Infected files: 0
Cleaned files: 0
Total time: 00:41:51

*******************************************************************

(Sounds pretty good, eh?)

Oh, the Youtube thing is just weird. I think it's just my own messing with file associations I did--quicktime and some stuff isn't working right. maybe it's because of all those cool (/s) extensions I got carried away d/l'g? :whistle: ... meh.


I think I disabled all my anti-virus stuff, etc... right? what do i need to do now? and please, how can i possibly avoid this in the future?

thank you again for your much needed help with all this. i sooooo appreciate you.

~Kat




