
Problems shutting down with YouTube


22 replies to this topic

#1 overtimeracing

overtimeracing

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lakewood, NY
  • Local time:06:29 AM

Posted 12 August 2012 - 01:56 PM

Hey guys...Please help me if you can. Most of the time, if I do anything on YouTube for more than 5 min it will shut down my PC. This thing was so full of viruses that we had to restart it a few months ago. I don't think it was ever virus free after that. Thanks in advance! Kevin

Edited by hamluis, 12 August 2012 - 04:03 PM.
Moved from Vista to Am I Infected - Hamluis.




#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:29 AM

Posted 12 August 2012 - 02:16 PM

You can perform scans with ESET Online Scanner and F-Secure Online Scanner.
http://www.eset.com/us/online-scanner/
http://www.f-secure.com/en/web/home_global/protection/free-online-tools/free-online-tools

Scan with Malwarebytes and SUPERAntiSpyware.

http://www.malwarebytes.org/mbam/program/mbam-setup.exe
http://cdn.superantispyware.com/SUPERAntiSpyware.exe


If any of the scans find anything, post the results here so that a qualified member can help you.

#3 overtimeracing


Posted 12 August 2012 - 02:29 PM

Should I run all of them?

#4 InadequateInfirmity


Posted 12 August 2012 - 02:38 PM

Yeah, I would if it were my machine. Just make sure to update everything prior to running.

Edited by InadequateInfirmity, 12 August 2012 - 02:38 PM.


#5 InadequateInfirmity


Posted 12 August 2012 - 02:39 PM

You might also ask to have your thread moved to the Am I Infected forum. Have a good day and good luck. :)

Mod Edit: Moved to Am I Infected forum - Hamluis.

Edited by hamluis, 12 August 2012 - 04:04 PM.


#6 overtimeracing


Posted 12 August 2012 - 05:07 PM

Thanks...

#7 InadequateInfirmity


Posted 12 August 2012 - 05:36 PM

Thanks...


Machine running better?

#8 overtimeracing


Posted 13 August 2012 - 09:34 AM

Ran the first one yesterday afternoon. At 33% it said it had found 1 threat, then shut down for no reason. And it took forever to get to that 33%. I restarted the PC and when I went to bed, I reran it. This morning it said two threats found. One was repaired and 1 deleted. I'm going to run the second one now and leave for the day. I'll keep you posted. Thanks again...Kevin

#9 overtimeracing


Posted 13 August 2012 - 09:53 PM

Ran third one today and found 5 trojans. I could post you the log, but I don't know how. Will run fourth one tonight. Thx...Kevin

#10 overtimeracing


Posted 14 August 2012 - 10:35 PM

Ran the fourth one last night and found 4 more. Erased and restarted. Still running slow today, but I found a weather channel app I finally got rid of. Seems better. Any other suggestions?

#11 InadequateInfirmity


Posted 15 August 2012 - 05:43 PM

Can you please run the tools below on the machine with the issues as admin please.

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please ATTACH the log to your reply.

Please download MINITOOLBOX and run it.

Checkmark the following boxes:

  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)

Click Go and attach the result.



Download Adware Cleaner, run it as admin, click the Delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

#12 overtimeracing


Posted 17 August 2012 - 10:16 AM

Sorry...how do I attach the logs?

#13 InadequateInfirmity


Posted 17 August 2012 - 06:57 PM

Just copy and paste, never mind attaching them :)

#14 overtimeracing


Posted 17 August 2012 - 07:48 PM

Won't let me cut and paste. Copy and paste. Drag. Nothing. I have them on the desktop...Never mind...I got it!

Edited by overtimeracing, 17 August 2012 - 07:53 PM.


#15 overtimeracing


Posted 17 August 2012 - 07:52 PM

AdwCleaner v1.801 - Logfile created 08/17/2012 at 11:27:03
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Dad - DAD-PC
# Boot Mode : Normal
# Running from : C:\Users\Dad\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Found : C:\Users\Dad\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Dad\AppData\Local\Temp\avg@toolbar
Folder Found : C:\Users\Dad\AppData\LocalLow\AVG Secure Search
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\IGearSettings
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={707EC725-5391-43FC-81B4-CF50519AA0DC}&mid=9a09873d92e547d0b335d154268049bf-810d05f483cdc4fcfe5d5b617837c145d4c460e9&lang=en&ds=ft011&pr=sa&d=2012-05-13 05:33:27&v=11.0.0.9&sap=hp

-\\ Google Chrome v21.0.1180.79

File : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "icon_url": "hxxp://isearch.avg.com/favicon.ico",
Found : "keyword": "isearch.avg.com",
Found : "name": "AVG Secure Search",
Found : "search_url": "hxxp://isearch.avg.com/search?cid={707EC725-5391-43FC-81B4-CF50519AA0DC}&mid=9a[...]
Found : "description": "The fastest way to search the web.",
Found : "path": "C:\\Program Files\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\11.0.2\\\[...]

*************************

AdwCleaner[R1].txt - [6242 octets] - [17/08/2012 11:24:18]
AdwCleaner[S1].txt - [293 octets] - [17/08/2012 11:25:48]
AdwCleaner[R2].txt - [6232 octets] - [17/08/2012 11:27:03]

########## EOF - C:\AdwCleaner[R2].txt - [6360 octets] ##########

# AdwCleaner v1.801 - Logfile created 08/17/2012 at 11:28:42
# Updated 14/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Dad - DAD-PC
# Boot Mode : Normal
# Running from : C:\Users\Dad\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Deleted : C:\Users\Dad\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Dad\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Dad\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={707EC725-5391-43FC-81B4-CF50519AA0DC}&mid=9a09873d92e547d0b335d154268049bf-810d05f483cdc4fcfe5d5b617837c145d4c460e9&lang=en&ds=ft011&pr=sa&d=2012-05-13 05:33:27&v=11.0.0.9&sap=hp --> hxxp://www.google.com

-\\ Google Chrome v21.0.1180.79

File : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "icon_url": "hxxp://isearch.avg.com/favicon.ico",
Deleted : "keyword": "isearch.avg.com",
Deleted : "name": "AVG Secure Search",
Deleted : "search_url": "hxxp://isearch.avg.com/search?cid={707EC725-5391-43FC-81B4-CF50519AA0DC}&mid=9a[...]
Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Program Files\\Common Files\\AVG Secure Search\\SiteSafetyInstaller\\11.0.2\\\[...]

*************************

AdwCleaner[R1].txt - [6242 octets] - [17/08/2012 11:24:18]
AdwCleaner[S1].txt - [293 octets] - [17/08/2012 11:25:48]
AdwCleaner[R2].txt - [6361 octets] - [17/08/2012 11:27:03]
AdwCleaner[S2].txt - [6467 octets] - [17/08/2012 11:28:42]

########## EOF - C:\AdwCleaner[S2].txt - [6595 octets] ##########

MiniToolBox by Farbar Version: 23-07-2012
Ran by Dad (administrator) on 17-08-2012 at 11:17:47
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dad-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : stny.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : stny.rr.com
Description . . . . . . . . . . . : Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)
Physical Address. . . . . . . . . : 00-1D-60-64-A0-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a5df:2423:c3ba:dd4a%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 15, 2012 10:16:45 AM
Lease Expires . . . . . . . . . . : Saturday, August 18, 2012 10:16:47 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 201334112
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D3-45-17-00-1D-60-64-A0-4C
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : stny.rr.com
Description . . . . . . . . . . . : isatap.stny.rr.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 209.18.47.61

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.


Pinging google.com [74.125.228.5] with 32 bytes of data:

Reply from 74.125.228.5: bytes=32 time=41ms TTL=52

Reply from 74.125.228.5: bytes=32 time=41ms TTL=52



Ping statistics for 74.125.228.5:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 41ms, Maximum = 41ms, Average = 41ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=230ms TTL=48

Reply from 98.139.183.24: bytes=32 time=333ms TTL=47



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 230ms, Maximum = 333ms, Average = 281ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Reply from 127.0.0.1: bytes=32 time=5ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 4ms, Maximum = 5ms, Average = 4ms

===========================================================================
Interface List
8 ...00 1d 60 64 a0 4c ...... Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
9 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.stny.rr.com
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
8 276 fe80::/64 On-link
8 276 fe80::a5df:2423:c3ba:dd4a/128
On-link
1 306 ff00::/8 On-link
8 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/15/2012 10:27:30 AM) (Source: Application Hang) (User: )
Description: The program TWCApp.exe version 7.3.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: cf0
Start Time: 01cd7af0e5cbf806
Termination Time: 374

Error: (08/15/2012 10:23:41 AM) (Source: Automatic LiveUpdate Scheduler) (User: NT AUTHORITY)NT AUTHORITY
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x8007041D

Error: (08/14/2012 10:50:55 PM) (Source: Application Hang) (User: )
Description: The program TWCApp.exe version 7.3.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: ecc
Start Time: 01cd7a9016c83618
Termination Time: 2067

Error: (08/13/2012 02:01:10 PM) (Source: Automatic LiveUpdate Scheduler) (User: NT AUTHORITY)NT AUTHORITY
Description: Information Level: error

Initialization of the COM subsystem failed. Error code: 0x8007041D

Error: (08/10/2012 00:37:34 AM) (Source: Chrome) (User: Dad-PC)Dad-PC
Description: Chrome has encountered a fatal error.
ver=21.0.1180.75;is_machine=0;minidump=C:\Users\Dad\AppData\Local\Google\CrashReports\725e8c21-c7c3-421f-a5be-80d4429d0e6f.dmp

Error: (07/21/2012 09:32:40 PM) (Source: Application Error) (User: )
Description: Faulting application ccSvcHst.exe, version 11.2.2.4, time stamp 0x4f722db8, faulting module MSVCR90.dll, version 9.0.30729.4148, time stamp 0x4a594c79, exception code 0xc0000005, fault offset 0x00056c68,
process id 0x20c, application start time 0xccSvcHst.exe0.

Error: (05/17/2012 09:39:14 PM) (Source: Chrome) (User: Dad-PC)Dad-PC
Description: Chrome has encountered a fatal error.
ver=19.0.1084.46;is_machine=0;minidump=C:\Users\Dad\AppData\Local\Google\CrashReports\2582a875-5b6b-426b-887f-a5fa92288b70.dmp

Error: (04/28/2012 11:39:14 PM) (Source: Application Error) (User: )
Description: Faulting application ccSvcHst.exe, version 11.2.2.4, time stamp 0x4f722db8, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception code 0xc0000721, fault offset 0x00088d3f,
process id 0xc8, application start time 0xccSvcHst.exe0.

Error: (04/12/2012 10:44:50 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\DAD\DESKTOP\DESKTOP\ROLL BACK RESEARCH.XLR> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (03/28/2012 05:26:00 PM) (Source: UmxAgent) (User: )
Description: C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe


System errors:
=============
Error: (08/17/2012 00:18:36 AM) (Source: Service Control Manager) (User: )
Description: 30000SysMain

Error: (08/17/2012 00:18:12 AM) (Source: Service Control Manager) (User: )
Description: 30000TrkWks

Error: (08/15/2012 10:23:42 AM) (Source: Service Control Manager) (User: )
Description: LiveUpdate%%1053

Error: (08/15/2012 10:23:42 AM) (Source: Service Control Manager) (User: )
Description: 30000LiveUpdate

Error: (08/15/2012 10:23:40 AM) (Source: DCOM) (User: )
Description: 1053LiveUpdate{03E0E6C2-363B-11D3-B536-00902771A435}

Error: (08/15/2012 10:20:34 AM) (Source: Service Control Manager) (User: )
Description: Windows Presentation Foundation Font Cache 4.0.0.0%%1053

Error: (08/15/2012 10:20:34 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Presentation Foundation Font Cache 4.0.0.0

Error: (08/15/2012 10:17:16 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/15/2012 10:16:39 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:47:00 AM on 8/15/2012 was unexpected.

Error: (08/14/2012 11:03:26 PM) (Source: Service Control Manager) (User: )
Description: i8042prt


Microsoft Office Sessions:
=========================
Error: (08/15/2012 10:27:30 AM) (Source: Application Hang)(User: )
Description: TWCApp.exe7.3.2.0cf001cd7af0e5cbf806374

Error: (08/15/2012 10:23:41 AM) (Source: Automatic LiveUpdate Scheduler)(User: NT AUTHORITY)NT AUTHORITY
Description: errorInitialization of the COM subsystem failed. Error code: 0x8007041D

Error: (08/14/2012 10:50:55 PM) (Source: Application Hang)(User: )
Description: TWCApp.exe7.3.2.0ecc01cd7a9016c836182067

Error: (08/13/2012 02:01:10 PM) (Source: Automatic LiveUpdate Scheduler)(User: NT AUTHORITY)NT AUTHORITY
Description: errorInitialization of the COM subsystem failed. Error code: 0x8007041D

Error: (08/10/2012 00:37:34 AM) (Source: Chrome)(User: Dad-PC)Dad-PC
Description: Chrome has encountered a fatal error.
ver=21.0.1180.75;is_machine=0;minidump=C:\Users\Dad\AppData\Local\Google\CrashReports\725e8c21-c7c3-421f-a5be-80d4429d0e6f.dmp

Error: (07/21/2012 09:32:40 PM) (Source: Application Error)(User: )
Description: ccSvcHst.exe11.2.2.44f722db8MSVCR90.dll9.0.30729.41484a594c79c000000500056c6820c01cd6783312ae5cf

Error: (05/17/2012 09:39:14 PM) (Source: Chrome)(User: Dad-PC)Dad-PC
Description: Chrome has encountered a fatal error.
ver=19.0.1084.46;is_machine=0;minidump=C:\Users\Dad\AppData\Local\Google\CrashReports\2582a875-5b6b-426b-887f-a5fa92288b70.dmp

Error: (04/28/2012 11:39:14 PM) (Source: Application Error)(User: )
Description: ccSvcHst.exe11.2.2.44f722db8ntdll.dll6.0.6002.185414ec3e3d5c000072100088d3fc801cd24f72eb80e60

Error: (04/12/2012 10:44:50 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DAD\DESKTOP\DESKTOP\ROLL BACK RESEARCH.XLR

Error: (03/28/2012 05:26:00 PM) (Source: UmxAgent)(User: )
Description: C:\Program Files\CA\CA Internet Security Suite\ccevtmgr.exe


=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player ActiveX (Version: 9.0.45.0)
Adobe Reader 8.1.0 (Version: 8.1.0)
AVG Security Toolbar (Version: 11.1.0.12)
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.79)
Hardware Diagnostic Tools (Version: 5.00.4558.05)
HP Active Support Library (Version: 2.0.12.1)
HP Active Support Library 32 bit components (Version: 2.1.0)
HP Customer Experience Enhancements (Version: 5.2.0.2296)
HP Customer Feedback (Version: 1.0.0)
HP Easy Setup - Frontend (Version: 5.2.0.2304)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Total Care Advisor (Version: 1.2.13)
HP Update (Version: 5.003.001.001)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
Intel® Graphics Media Accelerator Driver
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (Version: 7.0.50)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
JavaFX 2.1.1 (Version: 2.1.1)
LightScribe 1.8.15.1 (Version: 1.8.15.1)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
LiveUpdate Notice (Symantec Corporation) (Version: 1.4.5)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 2.1.121.2)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office Home and Student 60 day trial
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Works (Version: 08.05.0818)
MSRedist (Version: 9.0.30729.4148)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.0 (Version: 6.00.050)
My HP Games (Version: HPCMPQ1804)
Norton Internet Security (Version: 19.8.0.14)
Norton Management (Version: 2.1.2.13)
PSSWCORE (Version: 2.01.0000)
Python 2.5 (Version: 2.5.150)
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
Rhapsody
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.572)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
SUPERAntiSpyware (Version: 5.5.1012)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VideoToolkit01 (Version: 90.0.146.000)
WeatherBug Gadget (Version: 1.0.0.6)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 82%
Total physical RAM: 1014.64 MB
Available physical RAM: 177.16 MB
Total Pagefile: 2295.62 MB
Available Pagefile: 521.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.18 MB

========================= Partitions: =====================================

1 Drive c: (COMPAQ) (Fixed) (Total:224.17 GB) (Free:162.8 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:8.72 GB) (Free:1.16 GB) NTFS
3 Drive e: (CADDYSHACK) (CDROM) (Total:5.61 GB) (Free:0 GB) UDF
5 Drive g: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:394.41 GB) NTFS

========================= Users: ========================================

User accounts for \\DAD-PC

Administrator Dad Guest


**** End of log ****

Farbar Service Scanner Version: 06-08-2012
Ran by Dad (administrator) on 17-08-2012 at 11:03:36
Running from "C:\Users\Dad\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2012-02-23 23:54] - [2008-01-19 03:34] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



