
unable to download any files through internet explorer 9


  • This topic is locked
11 replies to this topic

#1 icemeister

icemeister

  • Members
  • 9 posts

Posted 23 June 2013 - 07:56 AM

Hi,

 

I think I may have a virus or some malware. Internet Explorer will not allow me to download any files. When downloading the files they complete downloading. A message then appears stating the download "contained a virus and was deleted". Oddly enough I also cannot access Windows Defender or Windows Firewall settings. When accessing Defender, Windows cannot find specified file. Although I can get into the initial Windows Firewall screen, when I click the update settings dialogue I receive a "windows firewall was unable to make the requested updates" error message. I suspect a virus but despite several attempts I have been unable to remove this and therefore download any files. I am running Windows Vista Home Premium. Any ideas please, as this issue is driving me round the bend?

 

Thanks,




 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 24 June 2013 - 12:23 AM


***** I will need you to download this program from a clean computer and transfer it to this computer via a flash drive or a pen drive to run. *****


This is only a scan to give me information that I will need to remove the virus.

Please download the Farbar Recovery Scan Tool from here: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it.
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 27 June 2013 - 12:32 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48hrs you have not replied to this thread then it will have to be closed!
Gringo

#4 icemeister

icemeister
  • Topic Starter

  • Members
  • 9 posts

Posted 27 June 2013 - 12:00 PM

I need more time. Potentially won't get time to look at this until Saturday as manic with work this week.



#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 27 June 2013 - 12:53 PM

I will look for you then


Gringo

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 30 June 2013 - 12:07 PM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48hrs you have not replied to this thread then it will have to be closed!
Gringo

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 03 July 2013 - 01:17 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 06 July 2013 - 08:32 PM

This topic has been re-opened at the request of the person who originally posted.

#9 icemeister

icemeister
  • Topic Starter

  • Members
  • 9 posts

Posted 07 July 2013 - 06:28 AM

Please find below reports from FRST. There is an FRST and an additional log file. I will post FRST and then the other, separated with ===============

 

Any help you can provide would be great as this issue is really annoying.

 

FRST Log is as follows:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by amilis (administrator) on 06-07-2013 20:58:50
Running from C:\Users\amilis\AppData\Local\temp\5i9j84uu.tmp
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SupportSoft, Inc.) C:\Program Files\O2\bin\sprtsvc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\3.8.3.6\ccSvcHst.exe
(Symantec Corporation) C:\ProgramData\Norton\NUA.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Google Inc.) C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Creative Technology Ltd.) C:\Windows\V0700Mon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(EasyBits Software AS) C:\ProgramData\GameXN\GameXNGO.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Apple Inc.) C:\Program Files\Safari\Safari.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter [x]
HKLM\...\Run: [hpqSRMon]  [x]
HKLM\...\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun [122880 2009-10-12] (Google Inc.)
HKLM\...\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1557160 2012-04-09] (Ask)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-11-02] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2011-12-08] (Apple Inc.)
HKLM\...\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [V0700Mon.exe] C:\Windows\V0700Mon.exe [28672 2011-08-22] (Creative Technology Ltd.)
HKLM\...\Run: []  [x]
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1233920 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation)
HKCU\...\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background [427008 2011-02-28] (Sony Ericsson)
HKCU\...\Run: [GameXN GO] "C:\ProgramData\GameXN\GameXNGO.exe" /startup [347008 2011-09-10] (EasyBits Software AS)
HKCU\...\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [6508192 2012-10-25] (SlySoft, Inc.)
HKCU\...\Run: [download beast] "C:\Program Files\Download Beast\DownloadBeast.exe" -h [3891712 2012-06-20] (Download Beast)
HKCU\...\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload [1476104 2012-12-20] (Samsung)
HKCU\...\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup [x]
HKCU\...\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKCU\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-10-12] (Google Inc.)
MountPoints2: {3faa9b2e-1405-11e0-ad49-001150c44ef0} - K:\Startme.exe
HKU\amilis(admin)\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\amilis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\amilis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
Startup: C:\Users\amilis(admin)\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/USCON/2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/2
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKLM - {D6BCC3FA-4424-4351-B9C2-354C46DC684F} URL = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: OneTab Add-on - {16ADEA98-D215-4F51-80AF-5E5ED660B9C0} - C:\Users\amilis\AppData\Roaming\OneTab\OneTab.dll (OnPageAds)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.8.3.6\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.8.3.6\IPSBHO.DLL (Symantec Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Plug-In - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.3.6\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU -Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.8.3.6\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/2.0.2.3/cfweb_activex.camfrogweb.com-advanced-2.0.2.3_instmodule.exe
DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} https://bb-bristol-asa.bevanbrittan.com/CACHE/sdesktop/install/binaries/instweb.cab
DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} http://secure2.comned.com/signuptemplates/securelogin-devel.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.8.3.6\coIEPlg.dll (Symantec Corporation)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 01 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 02 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 03 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 04 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 05 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 06 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 07 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 08 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 09 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 10 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 11 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 12 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 13 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 14 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 15 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 16 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 17 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 18 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 19 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 20 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 21 mswsock.dll File Not found (Microsoft Corporation)
Winsock: Catalog9 22 mswsock.dll File Not found (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default
FF user.js: detected! => C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default\user.js
FF SelectedSearchEngine: WhiteSmoke B Customized Web Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3279141&CUI=UN30868488262926610&UM=2&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CUI=UN30868488262926610&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default\searchplugins\browsemngr.xml
FF SearchPlugin: C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\SafeSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
FF Extension: No Name - C:\Users\amilis\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\amilis\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Quick Media Converter Ask Toolbar - C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default\Extensions\toolbar@ask.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: WhiteSmoke B  - C:\Users\amilis\AppData\Roaming\Mozilla\Firefox\Profiles\2yesru1q.default\Extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{8545daff-ad1e-493f-a37e-eed1ac79682b}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKCU\...\Firefox\Extensions: [onetab@onetab.net] C:\Users\amilis\AppData\Roaming\OneTab\xpi
FF Extension: onetab - C:\Users\amilis\AppData\Roaming\OneTab\xpi

========================== Services (Whitelisted) =================

S2 0208831271620784mcinstcleanup; C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini [1376 2010-04-18] ()
R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [73728 2008-07-18] (Andrea Electronics Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation)
R2 FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [460144 2010-10-11] ()
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [141848 2007-07-20] (Logitech Inc.)
R2 N360; C:\Program Files\Norton 360\Engine\3.8.3.6\diMaster.dll [135024 2011-10-12] (Symantec Corporation)
S3 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [150528 2011-02-10] (Avanquest Software)
R2 sprtsvc_O2; C:\Program Files\O2\bin\sprtsvc.exe [202280 2007-06-07] (SupportSoft, Inc.)

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
R1 BHDrvx86; C:\Windows\System32\Drivers\N360\0308030.006\BHDrvx86.sys [259632 2010-01-20] (Symantec Corporation)
S3 CamDrL; C:\Windows\System32\DRIVERS\Camdrl.sys [1075360 2007-02-03] (Logitech Inc.)
R1 ccHP; C:\Windows\System32\Drivers\N360\0308030.006\ccHPx86.sys [467592 2011-09-22] (Symantec Corporation)
S3 DCamUSBSQTECH; C:\Windows\System32\Drivers\SQcaptur.sys [24511 2002-05-06] (Service & Quality Technology.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-06-22] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
U3 EraserUtilDrvI10; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI10.sys [102448 2010-05-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-06-22] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130705.001\IDSvix86.sys [386720 2013-06-21] (Symantec Corporation)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2142488 2007-07-20] (Logitech Inc.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130705.023\NAVENG.SYS [93272 2013-06-22] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130705.023\NAVEX15.SYS [1611992 2013-06-22] (Symantec Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-07-21] (Windows ® Codename Longhorn DDK provider)
R3 SRTSP; C:\Windows\System32\Drivers\N360\0308030.006\SRTSP.SYS [308272 2010-01-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\0308030.006\SRTSPX.SYS [43696 2010-01-20] (Symantec Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181344 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 SymEFA; C:\Windows\System32\drivers\N360\0308030.006\SYMEFA.SYS [310320 2010-01-20] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2010-04-19] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\N360\0308030.006\SYMFW.SYS [89976 2011-09-22] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [25648 2010-01-20] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\N360\0308030.006\SYMNDISV.SYS [48760 2011-09-22] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\N360\0308030.006\SYMTDI.SYS [217464 2011-09-22] (Symantec Corporation)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
R3 V0700Vid; C:\Windows\System32\DRIVERS\V0700Vid.sys [322528 2011-09-06] (Creative Technology Ltd.)
S3 catchme; \??\C:\Users\amilis\AppData\Local\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 lvpopflt; system32\DRIVERS\lvpopflt.sys [x]
S3 LVRS; system32\DRIVERS\lvrs.sys [x]
S3 lvselsus; system32\DRIVERS\lvselsus.sys [x]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [x]
S3 LVUVC; system32\DRIVERS\lvuvc.sys [x]
S3 MEMSWEEP2; \??\C:\Windows\system32\B1F1.tmp [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-06 20:55 - 2013-07-06 20:55 - 00000000 ____D C:\FRST
2013-07-06 18:07 - 2013-07-06 18:07 - 00000000 ____D C:\Users\amilis\AppData\Local\{4B38980C-E789-4A8E-8D96-82FD6263A619}
2013-06-23 13:36 - 2013-06-23 13:36 - 00000000 _RASH C:\MSDOS.SYS
2013-06-23 13:36 - 2013-06-23 13:36 - 00000000 _RASH C:\IO.SYS
2013-06-23 10:24 - 2013-06-23 10:24 - 00000000 ____D C:\Users\amilis\AppData\Local\{7C1DB7D9-6272-4124-8911-735C427CCB05}
2013-06-18 21:11 - 2013-06-18 21:12 - 00000000 ____D C:\Users\amilis\AppData\Local\{6CEC32FF-22BE-4511-A528-2CB8B127598E}
2013-06-17 22:24 - 2013-06-17 22:25 - 00000000 ____D C:\Program Files\My Dell
2013-06-17 22:10 - 2013-06-17 22:10 - 00000000 ____D C:\Users\amilis\AppData\Local\{2E8AD582-68F2-4DBA-88A9-54909547E080}
2013-06-16 22:52 - 2013-06-16 22:52 - 00000908 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-16 22:52 - 2013-06-16 22:52 - 00000000 ____D C:\Users\amilis\AppData\Roaming\Malwarebytes
2013-06-16 22:52 - 2013-06-16 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-16 22:52 - 2013-06-16 22:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-16 22:52 - 2013-06-16 22:50 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\amilis\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-16 22:52 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-16 22:22 - 2013-04-04 05:30 - 00263584 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-16 22:21 - 2013-06-16 22:21 - 00000000 ____D C:\Users\amilis\AppData\Roaming\Oracle
2013-06-16 22:21 - 2013-06-16 22:21 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-16 22:16 - 2013-04-04 05:35 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-16 22:16 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-16 22:16 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-16 22:15 - 2013-06-16 22:16 - 00003903 ____A C:\Windows\System32\jupdate-1.7.0_21-b11.log
2013-06-16 22:09 - 2013-06-16 22:09 - 00000000 ____D C:\Users\amilis\AppData\Local\{4EBD729E-D594-4717-9E78-9553FF88EEC9}
2013-06-16 21:34 - 2013-06-16 21:34 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-06-16 19:57 - 2013-07-06 18:11 - 00001940 ____A C:\Users\amilis\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2013-06-16 14:52 - 2013-06-16 14:52 - 00000000 ____D C:\Users\amilis\AppData\Local\{A2BFE1AD-15E2-434D-BF12-3BA2CAF0920E}
2013-06-16 14:44 - 2013-06-16 14:44 - 00000000 ____D C:\Users\amilis\AppData\Local\{4F91D6C6-1CA3-45D0-8F1E-5ABEDABE3782}
2013-06-16 14:38 - 2013-06-16 14:38 - 00000000 ____D C:\Users\amilis\AppData\Local\{E53C894F-7115-4CC8-AB79-12CECEB0B5CC}
2013-06-16 13:44 - 2013-06-16 14:35 - 00000000 ____D C:\Users\amilis\Desktop\Georgias Wedding
2013-06-16 12:42 - 2013-06-16 12:42 - 00000000 ____D C:\Users\amilis\AppData\Local\{A83AC28D-3CF2-437F-8654-AA5E45E8C6B5}
2013-06-16 10:50 - 2013-06-16 10:50 - 00000000 ____D C:\Users\amilis\AppData\Local\{40FD1382-2AAF-402A-A5B9-DE0BCA51158A}

==================== One Month Modified Files and Folders ========

2013-07-06 20:55 - 2013-07-06 20:55 - 00000000 ____D C:\FRST
2013-07-06 20:55 - 2011-09-10 17:32 - 00000000 ____D C:\ProgramData\GameXN
2013-07-06 20:54 - 2009-10-14 15:15 - 00000000 ____D C:\Users\amilis\AppData\Local\Apple Computer
2013-07-06 20:52 - 2010-02-13 17:08 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-06 20:52 - 2010-02-13 17:08 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-06 20:52 - 2009-10-14 15:15 - 00000000 ____D C:\Users\amilis\AppData\Roaming\Apple Computer
2013-07-06 20:18 - 2011-05-15 20:15 - 00000000 ____D C:\Users\amilis\AppData\Roaming\Skype
2013-07-06 20:02 - 2006-11-02 13:47 - 00003744 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-06 20:02 - 2006-11-02 13:47 - 00003744 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 18:11 - 2013-06-16 19:57 - 00001940 ____A C:\Users\amilis\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2013-07-06 18:09 - 2006-11-02 11:33 - 00762398 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 18:08 - 2010-11-20 16:29 - 00000000 ____D C:\Users\amilis\AppData\Local\Windows Live
2013-07-06 18:07 - 2013-07-06 18:07 - 00000000 ____D C:\Users\amilis\AppData\Local\{4B38980C-E789-4A8E-8D96-82FD6263A619}
2013-07-06 18:05 - 2012-10-30 14:26 - 00000040 ___SH C:\ProgramData\.zreglib
2013-07-06 18:05 - 2011-07-30 10:03 - 00000000 ____D C:\Users\amilis\AppData\Roaming\go
2013-07-06 18:04 - 2009-04-02 21:26 - 00000276 ____A C:\Windows\Tasks\RtlNICDiagVistaStart.job
2013-07-06 18:02 - 2008-01-21 03:47 - 00147522 ____A C:\Windows\PFRO.log
2013-07-06 18:02 - 2006-11-02 14:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-24 00:24 - 2006-11-02 14:01 - 00032630 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-23 18:25 - 2009-10-12 19:21 - 00000560 ___AH C:\Windows\Tasks\Norton Security Scan for amilis.job
2013-06-23 13:42 - 2009-04-02 22:13 - 01159311 ____A C:\Windows\WindowsUpdate.log
2013-06-23 13:36 - 2013-06-23 13:36 - 00000000 _RASH C:\MSDOS.SYS
2013-06-23 13:36 - 2013-06-23 13:36 - 00000000 _RASH C:\IO.SYS
2013-06-23 10:24 - 2013-06-23 10:24 - 00000000 ____D C:\Users\amilis\AppData\Local\{7C1DB7D9-6272-4124-8911-735C427CCB05}
2013-06-18 21:12 - 2013-06-18 21:11 - 00000000 ____D C:\Users\amilis\AppData\Local\{6CEC32FF-22BE-4511-A528-2CB8B127598E}
2013-06-17 22:25 - 2013-06-17 22:24 - 00000000 ____D C:\Program Files\My Dell
2013-06-17 22:25 - 2011-05-28 16:25 - 00000000 ____D C:\Program Files\Dell Support Center
2013-06-17 22:24 - 2009-04-02 21:39 - 00000000 ____D C:\ProgramData\PCDr
2013-06-17 22:10 - 2013-06-17 22:10 - 00000000 ____D C:\Users\amilis\AppData\Local\{2E8AD582-68F2-4DBA-88A9-54909547E080}
2013-06-16 23:15 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2013-06-16 23:13 - 2013-03-03 17:14 - 00000000 ____D C:\Users\amilis\AppData\Local\SwvUpdater
2013-06-16 23:10 - 2011-01-03 19:05 - 00000000 ____D C:\Program Files\Ask.com
2013-06-16 22:52 - 2013-06-16 22:52 - 00000908 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-06-16 22:52 - 2013-06-16 22:52 - 00000000 ____D C:\Users\amilis\AppData\Roaming\Malwarebytes
2013-06-16 22:52 - 2013-06-16 22:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-16 22:52 - 2013-06-16 22:52 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-06-16 22:52 - 2006-11-02 13:52 - 00193131 ____A C:\Windows\setupact.log
2013-06-16 22:50 - 2013-06-16 22:52 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\amilis\Desktop\mbam-setup-1.75.0.1300.exe
2013-06-16 22:33 - 2010-10-09 15:55 - 00000000 ____D C:\Users\amilis(admin)\AppData\Roaming\Google
2013-06-16 22:31 - 2010-10-09 15:49 - 00000000 ____D C:\Users\amilis(admin)\AppData\Local\Google
2013-06-16 22:29 - 2010-10-09 15:48 - 00073608 ____A C:\Users\amilis(admin)\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-16 22:21 - 2013-06-16 22:21 - 00000000 ____D C:\Users\amilis\AppData\Roaming\Oracle
2013-06-16 22:21 - 2013-06-16 22:21 - 00000000 ____D C:\Program Files\Common Files\Java
2013-06-16 22:16 - 2013-06-16 22:15 - 00003903 ____A C:\Windows\System32\jupdate-1.7.0_21-b11.log
2013-06-16 22:16 - 2009-04-02 21:25 - 00000000 ____D C:\Program Files\Java
2013-06-16 22:09 - 2013-06-16 22:09 - 00000000 ____D C:\Users\amilis\AppData\Local\{4EBD729E-D594-4717-9E78-9553FF88EEC9}
2013-06-16 21:34 - 2013-06-16 21:34 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-06-16 21:28 - 2013-03-03 17:11 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-16 21:28 - 2011-05-15 17:07 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-16 14:52 - 2013-06-16 14:52 - 00000000 ____D C:\Users\amilis\AppData\Local\{A2BFE1AD-15E2-434D-BF12-3BA2CAF0920E}
2013-06-16 14:44 - 2013-06-16 14:44 - 00000000 ____D C:\Users\amilis\AppData\Local\{4F91D6C6-1CA3-45D0-8F1E-5ABEDABE3782}
2013-06-16 14:38 - 2013-06-16 14:38 - 00000000 ____D C:\Users\amilis\AppData\Local\{E53C894F-7115-4CC8-AB79-12CECEB0B5CC}
2013-06-16 14:35 - 2013-06-16 13:44 - 00000000 ____D C:\Users\amilis\Desktop\Georgias Wedding
2013-06-16 12:42 - 2013-06-16 12:42 - 00000000 ____D C:\Users\amilis\AppData\Local\{A83AC28D-3CF2-437F-8654-AA5E45E8C6B5}
2013-06-16 11:28 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-16 10:50 - 2013-06-16 10:50 - 00000000 ____D C:\Users\amilis\AppData\Local\{40FD1382-2AAF-402A-A5B9-DE0BCA51158A}

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-167490411-2273335823-148190918-1000\$eaca39ad416efda41a7f6b60de9afec3

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$eaca39ad416efda41a7f6b60de9afec3

Files to move or delete:
====================
C:\Users\amilis\Windows7UpgradeAdvisorSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

LastRegBack: 2013-07-06 18:09

==================== End Of Log ============================

 

 

============================================================================

additional.txt is as follows:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013
Ran by amilis at 2013-07-06 21:02:29
Running from C:\Users\amilis\AppData\Local\temp\5i9j84uu.tmp
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 2.1.5)
3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Acrobat.com (Version: 0.0.0)
Adobe Flash Player 10 Plugin (Version: 10.1.102.64)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Reader 9 (Version: 9.0.0)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
AGEIA PhysX v2.6.0 (Version: 2.6.0.4)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Belkin F5D7051 (Version: 1.00.0000)
Bonjour (Version: 3.0.0.10)
BTOffer (Version: 1.00.1)
BufferChm (Version: 110.0.180.000)
C4400 (Version: 110.0.201.000)
C4400_Help (Version: 110.0.201.000)
CamfrogWEB Advanced ActiveX Plugin (remove only)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copy (Version: 110.0.180.000)
Creative Live! Cam Chat HD (VF0700) (1.00.06.00)
CustomerResearchQFolder (Version: 1.00.0000)
D3DX10 (Version: 15.4.2368.0902)
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Resource CD (Version: 1.00.0000)
Dell-eBay (Version: 1.00.0000)
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
DocProc (Version: 11.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
EatCam Webcam Recorder 5.0 for MSN (Version: 5.0)
eSupportQFolder (Version: 1.00.0000)
FlipShare (Version: 5.9.19.0)
Full Tilt Poker (Version: 4.27.0.WIN.FullTilt.COM)
GameXN GO
Google Quick Search Box (Version: 1.2.1151.245)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
GoToAssist 8.0.0.514
GPBaseService (Version: 110.0.180.000)
GPBaseService2 (Version: 130.0.371.000)
HandBrake 0.9.8 (Version: 0.9.8)
HijackThis 2.0.2 (Version: 2.0.2)
HP Customer Participation Program 11.0 (Version: 11.0)
HP Imaging Device Functions 11.0 (Version: 11.0)
HP Photosmart C4400 All-In-One Driver Software 11.0 Rel .3 (Version: 11.0)
HP Photosmart Essential 2.5 (Version: 1.03.0000)
HP Photosmart Essential 3.0 (Version: 3.0)
HP Smart Web Printing (Version: 4.0)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.008.001)
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 110.0.180.000)
iCloud (Version: 1.0.2.17)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.5.2.11)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 110.0.180.000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.4 (Version: 2.0.3008.0)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Works (Version: 9.7.0621)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox (3.6.3) (Version: 3.6.3 (en-GB))
MSVCRT (Version: 15.4.2862.0708)
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MVision (Version: 11.10.2030)
My Dell (Version: 3.3.6261.27)
My DSC
MyDSC_CIF
MyFreeCodec
Myst Online: Uru Live (remove only)
Norton 360 (Version: 3.8.3.6)
Norton Security Scan (Version: 2.7.0.52)
O2 Broadband Assistant (Version: 1.1.24)
OCR Software by I.R.I.S. 11.0 (Version: 11.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OneTab
PanoStandAlone (Version: 110.0.180.000)
PokerStars
PS_AIO_03_C4400_ProductContext (Version: 110.0.201.000)
PS_AIO_03_C4400_Software (Version: 110.0.201.000)
PS_AIO_03_C4400_Software_Min (Version: 110.0.201.000)
PSSWCORE (Version: 2.03.0000)
Quick Media Converter Ask Toolbar (Version: 1.15.1.0)
Quick Media Converter Ask Toolbar Updater (HKCU Version: 1.2.1.22229)
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (Version: 1.00)
Realtek High Definition Audio Driver
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.52.7)
Samsung Kies (Version: 2.5.1.12123_2)
Samsung USB Driver
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Samsung Video Codec 1.1 Uninstall
Scan (Version: 11.0.0.0)
Segoe UI (Version: 15.4.2271.0615)
Shop for HP Supplies (Version: 11.0)
Skype Toolbars (Version: 5.3.7280)
Skype™ 6.1 (Version: 6.1.129)
SmartWebPrinting (Version: 110.0.182.000)
SolutionCenter (Version: 130.0.373.000)
Sony Ericsson PC Companion 2.01.148 (Version: 2.01.148)
Sony Ericsson Update Engine (Version: 2.10.12.15)
Sophos Anti-Rootkit 1.5.0 (Version: 1.5.0)
Spotify (Version: 0.3.19)
Status (Version: 110.0.180.000)
swMSM (Version: 12.0.0.1)
TomTom HOME 2.7.3.1894 (Version: 2.7.3.1894)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Toolbox (Version: 110.0.180.000)
TrayApp (Version: 110.0.180.000)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01 (Version: 110.0.171.000)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebReg (Version: 110.0.180.000)
Windows 7 Upgrade Advisor (Version: 2.0.3001.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver

==================== Restore Points  =========================

23-03-2013 14:57:50 Windows Update
24-03-2013 11:33:28 Windows Update
27-03-2013 21:39:11 Windows Update
30-03-2013 23:31:35 Windows Update
31-03-2013 13:41:40 Windows Update
01-04-2013 13:25:19 Windows Update
01-04-2013 14:46:45 Installed Java 7 Update 17
03-04-2013 22:02:54 Windows Update
04-04-2013 21:29:47 Windows Update
15-04-2013 21:15:37 Windows Update
16-04-2013 21:08:32 Windows Update
21-04-2013 21:16:12 Windows Update
06-05-2013 18:11:53 Windows Update
16-06-2013 09:52:45 Windows Update
16-06-2013 21:14:50 Installed Java 7 Update 21
17-06-2013 21:57:58 Scheduled Checkpoint
23-06-2013 20:09:42 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03837699-42BB-4CC2-B814-7A1A56350949} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-13] (Google Inc.)
Task: {05B6AEA2-4EBE-4878-B1AA-EC75BF76B39F} - System32\Tasks\{D46F8F65-7F66-4CE4-A873-FBB5DDF2AB1C} => c:\program files\internet explorer\iexplore.exe [2013-02-22] (Microsoft Corporation)
Task: {114484A8-F699-4D8A-88FB-8586B4AEB4E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-13] (Google Inc.)
Task: {13F8A8B9-8F9F-4DA1-BE4E-65B98B40D77A} - System32\Tasks\{EABCF34A-33D8-454F-A89A-E0A7DDD07C3E} => C:\Program Files\Skype\\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {15A13E59-0B3F-4432-8D8C-7CF6D72D4FAD} - System32\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C} => C:\Users\amilis\AppData\Local\Temp\Pwq.exe No File
Task: {167C08A2-560E-4A8F-B0B6-F77437C1EF51} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {195B8E4C-6180-4AE7-9D8B-EF469E594CBA} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {28421BB8-A72E-41FA-996D-0A0247F12F62} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {28D0B54E-E75D-4BDF-8A49-B12877D763E6} - System32\Tasks\Shutdown Timer => C:\Windows\System32\shutdown.exe [2008-01-21] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3D011012-7FAF-4A30-A526-4F605607F4BE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {6B3F07B4-C520-471F-A71B-F2B279DCDF5F} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe No File
Task: {6C9A77AB-7079-47D9-B63D-7E6AF7D325B3} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2012-04-09] ()
Task: {7F180B65-F2B9-4D0A-85B8-440B315EEFB9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {8D6F149A-2A81-4707-9BDC-D0D87553AE10} - System32\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015} => C:\Users\amilis\AppData\Local\Temp\Pwr.exe No File
Task: {9A8C9D03-8C77-4302-A67B-FCCED4A80B06} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {B6680D08-CB40-43E6-932F-ED00CFAF635A} - System32\Tasks\NUA\Symantec Norton Update Agent => C:\ProgramData\Norton\NUA.exe [2013-03-29] (Symantec Corporation)
Task: {BE1AF8ED-8A41-4C17-80D7-3477C90D2F48} - System32\Tasks\User_Feed_Synchronization-{3E307A71-0946-4003-803E-0B6DB68B12DC} => C:\Windows\system32\msfeedssync.exe [2011-07-17] (Microsoft Corporation)
Task: {BEDF7EC7-09FA-40FA-AA5C-CBEEB6A7327C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {C705F2AC-D3FC-49C0-965C-869EA8E2ED85} - System32\Tasks\Norton Security Scan for amilis => C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-11-15] (Symantec Corporation)
Task: {D3F4C143-F03E-4F84-80A6-E698FE3D5C1E} - System32\Tasks\{42EA5510-A3E0-4278-899E-B1AEBCD41DFE} => c:\program files\internet explorer\iexplore.exe [2013-02-22] (Microsoft Corporation)
Task: {E00219FA-BFF9-4C04-A50D-D968ADD5875C} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe No File
Task: {E276A2A2-874B-4E39-8BA7-F5244712F181} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-07-21] (Realtek)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Norton Security Scan for amilis.job => C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.7.0.52\Nss.exe
Task: C:\Windows\Tasks\RtlNICDiagVistaStart.job => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2013 06:03:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/23/2013 00:28:39 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/23/2013 00:28:38 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/23/2013 00:18:14 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16476, time stamp 0x5126e7ac, faulting module igdumdx32.dll, version 8.15.10.2302, time stamp 0x4d558979, exception code 0xc0000005, fault offset 0x00009754,
process id 0x2140, application start time 0xiexplore.exe0.

Error: (06/23/2013 00:18:12 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16476, time stamp 0x5126e7ac, faulting module igdumdx32.dll, version 8.15.10.2302, time stamp 0x4d558979, exception code 0xc0000005, fault offset 0x00009754,
process id 0x2914, application start time 0xiexplore.exe0.

Error: (06/23/2013 00:18:05 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16476, time stamp 0x5126e7ac, faulting module igdumdx32.dll, version 8.15.10.2302, time stamp 0x4d558979, exception code 0xc0000005, fault offset 0x00009754,
process id 0x2298, application start time 0xiexplore.exe0.

Error: (06/23/2013 10:22:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2013 09:09:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2013 10:18:43 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/17/2013 10:18:41 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

System errors:
=============
Error: (07/06/2013 06:04:04 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (07/06/2013 06:03:54 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (07/06/2013 06:03:54 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (07/06/2013 06:03:54 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (06/23/2013 10:22:18 AM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (06/23/2013 10:22:09 AM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Error: (06/23/2013 10:22:09 AM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (06/23/2013 10:22:09 AM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (06/18/2013 09:09:29 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (06/18/2013 09:09:25 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE

Microsoft Office Sessions:
=========================
Error: (09/27/2010 11:59:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/27/2010 11:58:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 263 seconds with 60 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2013-07-06 21:02:05.266
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:02:04.634
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:02:04.283
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:02:03.712
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:01:39.740
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\N360\0308030.006\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:01:39.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\N360\0308030.006\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:01:38.951
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\N360\0308030.006\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-06 21:01:38.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\N360\0308030.006\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-16 23:01:37.042
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2013-06-16 23:01:36.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 3292.45 MB
Available physical RAM: 1570.94 MB
Total Pagefile: 6785.04 MB
Available Pagefile: 4792.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.19 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:450.7 GB) (Free:127.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 80000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#10 gringo_pr


Posted 07 July 2013 - 01:07 PM


Hello icemeister



I need you to download this script I have made for you --> fixlist.txt (attached file, 1.56KB)

It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program. (If asked to overwrite the existing one, please allow it.)

Run FRST again but this time press the Fix button just once and wait.


When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 gringo_pr


Posted 10 July 2013 - 01:28 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48 hrs you have not replied to this thread, then it will have to be closed!
Gringo

#12 gringo_pr


Posted 14 July 2013 - 12:01 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



