When i try to delete TIF PC restart automatically before restart black screen display for a second and then PC start i try disk cleanup option and also try to delete direct but problem is not solve.

Here's the problem. Whenever I start up Windows (now slower than usual), I get to the account screen with no problem. I log in and, in the case that my internet connection button is in the on state, it will not load properly; it will either be a black screen, be stuck at my wallpaper, or eventually load but not allow me to do anything else but go on things that are not internet-related.

If I go into safe mode everything is fine; for obvious reasons. However, even if I run in regular mode but go on a different account, their internet related applications work fine as well as the speed being the same, and the loading having no problems.

If I log onto my account with the internet connection button off, then my account loads and everything is fine (except for accessing the internet of course). However, If I turn it back on, the whole computer goes extremely slow and eventually freezes. I got skype to work at one point, where I could message another person easily, however trying to get google chrome, opera or games to work was a failure, and would freeze, not even giving me the option to close them. I couldn't even access task manager. If I open up the browsers before the internet connection button is on, and then press it, i can load a few webpages for maybe 2 seconds, until it freezes again.

I recently tried downloading a few torrents which were met with much failure. Since then and this incident, I've tried uninstalling and deleting everything torrent related file I could find. What the heck do I do?

I went to download Dropbox and immediately my AVG free alerted me that it detected a virus. I clicked on remove the virus, however now I'm getting something called "Supreme Savings" hijacking my browser and sending popups everywhere. Here's the DDS logs:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by test at 22:26:06 on 2013-02-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1217 [GMT -7:00]
.
AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: AVG update module *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?ilc=1
mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80231
mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80231
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
Trusted Zone: line6.net
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{F29AC34A-5CBC-4557-B7D2-A2A06C25AC29} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
Notify: AtiExtEvent - Ati2evxx.dll
Notify: QConGina - QConGina.dll
Notify: tphotkey - <no file>
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\test\application data\mozilla\firefox\profiles\wj1k0r88.default-1359158689796\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin101721.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-01-24 17:12; avg@toolbar; c:\documents and settings\all users\application data\avg secure search\firefoxext\14.2.0.1
FF - ExtSQL: 2013-02-24 16:15; crossriderapp19962@crossrider.com; c:\documents and settings\test\application data\mozilla\firefox\profiles\wj1k0r88.default-1359158689796\extensions\crossriderapp19962@crossrider.com
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-02-19 00:56:11 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-02-09 21:52:28 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-09 21:52:28 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-25 02:05:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-01-25 02:05:14 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-01-07 01:16:02 2193024 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:36:58 2069760 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16:28 43520 ------w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40:59 385024 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 22:28:17.25 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/18/2009 5:31:25 PM
System Uptime: 2/24/2013 7:18:58 PM (3 hours ago)
.
Motherboard: IBM | | 1847Y15
Processor: Intel(R) Pentium(R) M processor 1.73GHz | None | 1729/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 33 GiB total, 8.813 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\32400F52AE405
Manufacturer: Microsoft
Name: 1394 Net Adapter #2
PNP Device ID: V1394\NIC1394\32400F52AE405
Service: NIC1394
.
==== System Restore Points ===================
.
RP517: 2/15/2013 10:09:17 AM - System Checkpoint
RP518: 2/16/2013 10:54:26 AM - System Checkpoint
RP519: 2/17/2013 11:12:12 AM - System Checkpoint
RP520: 2/18/2013 11:59:30 AM - System Checkpoint
RP521: 2/19/2013 12:59:30 PM - System Checkpoint
RP522: 2/20/2013 1:00:35 PM - System Checkpoint
RP523: 2/21/2013 3:34:43 AM - Installed NaturalReaderFree.
RP524: 2/22/2013 3:58:30 AM - System Checkpoint
RP525: 2/23/2013 4:58:31 AM - System Checkpoint
RP526: 2/24/2013 6:15:34 AM - System Checkpoint
RP527: 2/24/2013 3:00:43 PM - Removed DWA-652
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Access IBM
Access IBM Message Center
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5)
Amazon Kindle
Amazon MP3 Downloader 1.0.17
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Display Driver
Audacity 2.0.2
AVG 2013
AVG Security Toolbar
Bonjour
CCleaner
Compatibility Pack for the 2007 Office system
FileOpen Client
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB954550-v5)
IBM Access Connections
IBM Active Protection System
IBM DLA
IBM Integrated 56K Modem
IBM RecordNow!
IBM Rescue and Recovery with Rapid Restore
IBM SATA Power Management Driver
IBM Themes
IBM ThinkPad Configuration
IBM ThinkPad EasyEject Utility
IBM ThinkPad Keyboard Customizer Utility
IBM ThinkPad Power Management Driver
IBM ThinkPad Power Manager
IBM ThinkPad Presentation Director
IBM ThinkPad UltraNav Driver
IBM ThinkPad UltraNav Wizard
IBM ThinkVantage Technologies Welcome Message
IBM TrackPoint Accessibility Features
Info Center 1.0.0.7
InstallBrain Updater Service
Intel(R) PROSet/Wireless Software
iTunes
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
LAME v3.99.3 (for Windows)
Line 6 Uninstaller
Malwarebytes Anti-Malware version 1.61.0.1400
mCore
mDriver
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
mMHouse
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
mProSafe
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWlsSafe
mXML
NaturalReaderFree
NTREGOPT 1.1j
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Segoe UI
Sonic Update Manager
SoundMAX
System Requirements Lab for Intel
TekniaGreek
ThinkPad FullScreen Magnifier
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Wallpapers
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinPatrol
WModem Driver Installer
Yahoo! Internet Mail
Yahoo! Mail Advisor
.
==== Event Viewer Messages From Past Week ========
.
2/24/2013 7:24:04 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
2/24/2013 7:22:18 PM, error: Service Control Manager [7000] - The Wireless Lan NDIS Protocol I/O Control service failed to start due to the following error: The system cannot find the file specified.
2/24/2013 2:59:56 PM, error: Service Control Manager [7024] - The Messenger service terminated with service-specific error 2270 (0x8DE).
2/23/2013 10:39:24 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd
2/23/2013 10:39:24 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
2/23/2013 10:39:24 PM, error: Service Control Manager [7001] - The Infrared Monitor service depends on the Terminal Services service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/23/2013 10:37:58 PM, error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
2/23/2013 10:37:46 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
.
==== End Of File ===========================

First Hello and thank you for any help. Hopefully I am posting in the correct forum area.

I have a HP DV6, running win 7 home prem. 64.

ALL browsers tend to hang up and not load pages. I have to always re-fresh or sit and wait. This is not on all sites but a lot. Problem seems to be getting worse. I connect the computer usually at locations only, current one im using it on lately the problem seems to have worsen.
Now first, I have other computers that I hook to the same home internet that run at blazing speeds compared to this machine, so I dont think its the service, but was told something about the way it is connecting to the net. I have no idea.
The computer seems to take long time to boot up and doesnt have the snap it once had when opening new windows, programs etc. The biggest thing is the issue with constent reloading of webpages and the loading issues.

As not knowing what is what and only going by what I read to try below is all I have tried in a rough order.
-Ran full AVG Virus Scan
-Disabled AVG
-Malwarebytes full scan
-Disabled ipv6
ran the following in command propmt,
NETSH INT IP RESET
NETSH WINHTTP RESET PROXY
IPCONFIG /FLUSHDNS
and also disabled autotunning in cmd.
Tried different dns settings.
NONE OF THE ABOVE WORKED(for the slow speed online).
So I asked a few folks I know and was told try the following:
Run TDSSKILLER and Combofix. All I need was run them. Nothing happened that seemed to help. (Yes, I know now after reading here I should have not ran the above combofix, just did though as was told unknowing).
As nothing seemed to help, I did the following:
Restored system via system restore to a prior point before doing all the above, so I think im back to where I was before I did all the above.

Additionally, im running avg, scan also with malwarbytes and run ccleaner to clear history and use the registry cleaner option as well.

Please help me get this machine running as it should be.

Hi,
A friend had my Sony VAIO and returned it with some janky malware that keeps redirecting my browser. I am including HJT log.
Thanks,
Liz

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:02:51 PM, on 2/25/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FABULIZ\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\6.9\vuzeToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\6.9\vuzeToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: WhiteSmoke Toolbar - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files (x86)\whitesmoketoolbar\whitesmoketoolbarX.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: WhiteSmoke Toolbar - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files (x86)\whitesmoketoolbar\whitesmoketoolbarX.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\6.9\vuzeToolbarIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [Google Update] "C:\Users\FABULIZ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CPN Notifier] C:\Program Files (x86)\Cake Poker 2.0\PokerNotifier.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] C:\Users\Gambino\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Evernote Clipper.lnk = ?
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D553645-289C-482B-BAF5-BC9CABB78CA2}: NameServer = 10.221.15.120 10.221.15.122
O17 - HKLM\System\CS1\Services\Tcpip\..\{1D553645-289C-482B-BAF5-BC9CABB78CA2}: NameServer = 10.221.15.120 10.221.15.122
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D553645-289C-482B-BAF5-BC9CABB78CA2}: NameServer = 10.221.15.120 10.221.15.122
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15394 bytes

I use gmer scan and attached the report
I canot use Windows Install disc, or a Boot CD
this is DDX text
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.7.2
Run by cool at 14:48:00 on 2013-02-26
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1013.366 [GMT 5.5:30]
.
AV: Net Protector 2013 *Enabled/Updated* {5AE99E99-35D6-47B8-87C2-D8A82C07FB43}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRAM FILES\NET PROTECTOR 2012\NPAV4.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Net Protector 2012\ZVMOUNT.EXE
C:\program files\soluto\soluto.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\NETPRO~1\APPCON\APCONSVC.EXE
C:\PROGRAM FILES\NET PROTECTOR 2012\npprtfrw.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Net Protector 2012\ZVScan\ZVMonNt.exe
F:\Firefox\firefox.exe
F:\Firefox\plugin-container.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Net Protector 2012\ZVScan\MailGen.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.in/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: NPAV Secure Search: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - c:\program files\net protector 2012\webscan\WEBSCAN.DLL
BHO: Help the General-Search Project: {CA4520F3-AE13-4FB1-A513-58E23991C86D} - c:\documents and settings\cool\application data\media finder\extensions\gencrawler_gc.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - LocalServer32 - <no file>
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ZVMOUNT] c:\program files\net protector 2012\ZVMOUNT.EXE
mRun: [NWEReboot] <no file>
uPolicies-Explorer: NoDriveTypeAutoRun = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1339233627906
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E51DB39B-7782-4A7E-907D-99A54CF17ED8} : NameServer = 218.248.255.212 218.248.241.2
TCP: Interfaces\{E9D3A6B5-7D2A-4D44-83B4-F615D049729A} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
Notify: NPLogon - NPlogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
IFEO: drwatson.exe - B-NPAV
IFEO: $RECYCLE.BIN.exe - B-NPAV
IFEO: 360tray.exe - B-NPAV
IFEO: AADRIVE32.EXE - B-NPAV
IFEO: ACLEANER.EXE - B-NPAV
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [2013-2-20 51144]
R1 NPPORTFR;NPPORTFR;c:\windows\system32\drivers\NPPORTFR.SYS [2012-12-14 49408]
R1 WNPPORTFR;WNPPORTFR;c:\windows\system32\drivers\WNPPORTFR.sys [2012-12-14 49408]
R2 ApConSvc;NPAV Application Control;c:\progra~1\netpro~1\appcon\APCONSVC.EXE [2011-11-18 1114440]
R2 Net Protector Port Firewall;Net Protector Port Firewall;c:\program files\net protector 2012\NPPRTFRW.EXE [2011-11-22 500776]
R2 SolutoLauncherService;Soluto Launcher Service;c:\program files\soluto\SolutoLauncherService.exe [2013-2-3 166880]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\soluto\SolutoService.exe [2013-2-3 552928]
R3 APCONDRV;APCONDRV;c:\progra~1\netpro~1\appcon\ApConDrv.sys [2011-4-27 10920]
R3 cpuz135;cpuz135;\??\c:\windows\temp\cpuz135\cpuz135_x32.sys --> c:\windows\temp\cpuz135\cpuz135_x32.sys [?]
R3 npflprot;npflprot;c:\windows\system32\drivers\npflprot.sys [2012-12-14 15104]
R3 vdrv;vdrv;c:\windows\system32\drivers\vdrv.sys [2013-2-18 11776]
R3 ZeroVProtect;Zero-V AntiVirus Protection;c:\program files\net protector 2012\zvscan\ZVMonNt.exe [2011-8-19 217088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2012-6-20 36608]
S3 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\samsung\samsung networking wizard\ICM_Service.exe [2011-3-18 204883]
S3 Net Protector Web Prototection;Net Protector Web Prototection;c:\program files\net protector 2012\WEBPROT.EXE [2012-6-8 134184]
S3 NPVProt;NPAV Antivirus Protection;c:\documents and settings\cool\NPProt.exe [2012-6-8 49152]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\h:\ntglm7x.sys --> h:\NTGLM7X.sys [?]
S3 SolutoRemoteService;Soluto Remote Service;c:\program files\soluto\SolutoRemoteService.exe [2013-2-3 1239552]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
FileExt: .scr: scrfile=c:\progra~1\netpro~1\zvscan\ExecScan.exe "%1" /S
.
=============== Created Last 30 ================
.
2013-02-20 06:11:42 51144 ------w- c:\windows\system32\drivers\Soluto.sys
2013-02-20 06:11:34 -------- d-----w- c:\program files\Soluto
2013-02-18 06:34:42 11776 ----a-w- c:\windows\system32\drivers\vdrv.sys
2013-02-15 22:04:52 208448 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-01-30 09:40:34 -------- d-----w- c:\documents and settings\cool\application data\Applian FLV and Media Player
2013-01-30 09:32:00 -------- d-----w- c:\program files\Applian Technologies
2013-01-30 09:24:44 -------- d-----w- c:\documents and settings\all users\application data\APN
.
==================== Find3M ====================
.
2013-01-26 09:38:34 74248 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 09:38:34 697864 ------w- c:\windows\system32\FlashPlayerApp.exe
2012-12-19 10:23:32 18096 ------w- c:\windows\system32\roboot.exe
.
============= FINISH: 14:48:53.65 ===============

Attached Files

Image may be NSFW. Clik here to view.

attach.zip (5.1 KB)

Hi

In the past week i've been experiencing problems with my computer. Sometimes out of no where my CPU usage jumps to 100% and everything gets very slow.. It lasts for 20min to 1 hour (or till i restart the PC) randomly. I've just finished scanning and it says that there are no viruses but I dont belive my antivirus program to be honest. I think it should be a virus since i have no idea what else may cause this problem. My PC specs are:
AMD FX(tm)-4100 Quad-Core Processor 3.6GHz
RAM: 4.00 GB
AMD Radeon HD 7700 Series 1 GB
Windows 7 Ultimate 64bit
Please, excuse my english. It's not my natura language so I'm bad at it.
Thanks in advance!
:dance:
Oh forgot to add, antivirus programm:
Avast Interet Security

Hi guys, first of all I would like to try to get straight to the point and explain the problem that I am having when trying to fix my friend's laptop, since last week. He has already told me that it doesn't have any sort of antivirus software installed.

Okay so I turn the laptop on and Windows seems to start normally. It loads onto the desktop and to my surprise all I see is the mouse cursor and a black screen. I can move the mouse around, but when I right-click nothing happens. I cannot see the taskbar or any icons, nor the background whatsoever, so my first guess is that the explorer.exe process isn't running. When I press Ctrl+Alt+Del the options menu for windows 7 appears normally, and I can click on the task manager and it suddenly appears out of nowhere, but the black screen is still there.

Here is where I sense a problem of malware of some sort, as I can see, the explorer.exe process is running, after waiting around 10 seconds every process seems to end, one by one. They just start dissappearing until the computer logs off and restarts by itself!

The only way I can search for the malware or spyware or virus (I still don't know what's causing this) is by starting the system in Safe Mode. Here I have run a full system scan using malwarebytes portable from a USB and it has successfully found 29 files. Okay, so I removed them from the system and with a lot of optimism I restarted the laptop thinking that the problem after a 2 hour scan would be solved..

Well I was wrong, the black screen is still there, and the processes end one by one, resulting in the computer logging off and restarting over and over.
In Safe Mode I did a manual search through the %TEMP% and %APPDATA% folders and found some random files like this dsfsfsfsfadagtga.exe so I deleted them, but they didn't seem to be causing the problem. Also by typing msconfig and looking at the startup processes i found a similar ghusaddsf.exe program, so I disabled it and deleted it from the harddrive.

Now I'm not so sure what to do next? I've installed HitmanPro onto the USB and CCleaner portable and I'm going to try to see if they can help, and in the meantime I wrote this post with the hope that someone here could help me out by somehow identifying the characteristics of this malware or spyware or virus?
On a sidenote, my friend also told me that the computer was running seriously slower than normal, and that when he opened a website with Google Chrome, a notice came up about the Sifref.!C program, but malwarebytes hasn't found it?

Thanks in advance for reading this post, I hope it meets the forum guidelines as I am new here and any help would be much appreciated.

My PC was going to sleep ( while it was in idle status ) suddenly, although I set all power settings to never and disabled hibernate .I had to disconnect power from the electrical outlet to turn off the PC and connect again to turn on it.
Because it happened before I had knew about your site and about the first steps to be taken, I have already run combofix software and received combofix.txt file.
Can you please help to figure out this file even if I by passed the fist steps, because I do not know if this solved the problem.
My PC is less then one year old with win7 enterprise *64 operating system.
Thanks
moti

Attached Files

Image may be NSFW. Clik here to view.

ComboFix.txt (24.5 KB)

I have a Window 7 Ultimate 64 bit machine. I keep getting a popup window in the lower right corner of my screen. See attachment. I believe this is not MSE but some malware program but I can't figure out where this is coming from. (See attached screen shot of popup) I also notice in Task Manager->Applications that an iexplore.exe is running but I don't know where this is coming from either. The app says something like; http://46.165.221.199/wpad.dat?n=49&...VAAD23wAASq0cf... I've been running a script to killtask iexplore.exe. Any suggestions on how to figure out what's happening? Thanks

Attached Thumbnails

Image may be NSFW.
Clik here to view.  

Good evening and thank you for your efforts so far. I use an Acer AX1200-B1581A running Win 7 64 bit. Every audio source that I play is interrupted with silence or tone intervention. This includes internet sources as well as CD drive. I am older, my glasses are in the shop and I sincerely hope I have followed your instructions accurately. I have found that using my PC is very unforgiving work. I have two toolbars on my Chrome browser that are uninvited and cannot remove them. One is called Community Mix DJ and the other is White Smoke. I am tickled to be getting some help. I have been working on these problems for days and am just about worn out.
Thanks again,
jim
P.S. My abilities are basic. I use a two monitor setup.

Attached Files

Image may be NSFW. Clik here to view.	ark.txt (47.1 KB)
Image may be NSFW. Clik here to view.	ark.zip (5.0 KB)
Image may be NSFW. Clik here to view.	attach.zip (4.1 KB)
Image may be NSFW. Clik here to view.	dds.zip (6.6 KB)

Hello. After I got help with my system, my mother has now asked me to get her system running well again. She had a number of really flakey things going on. Some of I attribute to her wireless keyboard and mouse. When I swapped them out for wired ones, some of the really bad behavior went away. But, it still seems flakey, and when I run gmer with the default settings the machine always reboots before it finishes. I ran it again with the simpler (sections only) setting, and it completed. See attached zip and pasted DDS log below:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457
Run by Judy at 0:03:10 on 2013-02-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2418 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Judy\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Users\Judy\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\iWin Games\iWinTrusted.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HP\HP Deskjet 3520 series\bin\HPNetworkCommunicator.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.mg5.mail.yahoo.com/neo/launch
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: {f92a9fe4-2850-4198-b9d5-279880e49b16} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: HP Smart Print BHO: {1658D3A1-9E13-4196-A82A-D70D70880F36} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QuickPrintBHO.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Results Toolbar: {348bd83c-b2cd-4319-a605-c96bb458dd80} - C:\Program Files (x86)\toolbar2\searchresultsDx.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Gaming support for ArcadeWeb: {9F531FB1-7C1F-4E1A-8C0C-E8D6177130E2} -
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Search Results Toolbar: {348bd83c-b2cd-4319-a605-c96bb458dd80} - C:\Program Files (x86)\toolbar2\searchresultsDx.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Judy\AppData\Local\Akamai\netsession_win.exe"
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [HP Deskjet 3520 series (NET)] "C:\Program Files\hp\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN266120Y505SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Judy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Judy\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Judy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\Windows\System32\RunDll32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTR~1.LNK - C:\Program Files (x86)\Broderbund\PrintMaster\pmremind.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\HPQuickPrintLauncher.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{A2DEC6CA-6120-4910-8A5F-5A6F44E03494} : DHCPNameServer = 192.168.0.1 207.230.192.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [IntelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-16 55856]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-6-23 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-1-10 370288]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-14 169624]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-11-30 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-12-28 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-1-10 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-1-10 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-1-2 44808]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2011-4-8 176848]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-11-30 635416]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-11-12 2848168]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-4-21 46136]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-7-21 1002848]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-21 471144]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-30 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-3-19 401920]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-27 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Porngiap;Porngiap;C:\Windows\System32\ddodiag.exe [2009-7-13 43008]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-16 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-16 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-30 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-02-19 05:57:28 -------- d-----w- C:\Users\Judy\AppData\Local\{7836DFB7-A430-4722-A7B8-2DB18527C8DD}
2013-02-19 05:32:06 -------- d-----w- C:\Users\Judy\AppData\Local\{8B3635C7-D772-4E5D-A91A-9814F6E726CF}
2013-02-09 00:48:54 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0EE9B24E-A392-42A2-AB12-D4F784308915}\mpengine.dll
2013-02-09 00:44:24 -------- d-----w- C:\Users\Judy\AppData\Local\{F33475C7-A235-4CCA-A865-C93201E6C8F4}
2013-02-08 20:05:56 -------- d-----w- C:\ProgramData\Recovery
2013-02-08 01:21:47 -------- d-----w- C:\Users\Judy\AppData\Roaming\TeamViewer
2013-02-08 01:13:26 -------- d-----w- C:\Users\Judy\AppData\Local\{2CDE0859-3FF6-4395-8EFD-72E9BAA68165}
2013-02-06 00:33:33 -------- d-----w- C:\Users\Judy\AppData\Local\{1679CC37-0B1C-492C-A2BE-7AEBB06D5A0E}
2013-02-04 22:05:01 -------- d-----w- C:\Users\Judy\AppData\Local\{79527325-B8D1-4197-8C7C-6FD23465E973}
2013-02-03 22:54:19 -------- d-----w- C:\Users\Judy\AppData\Local\{F94B6B44-EBC5-478A-8121-87C5C5AB2520}
2013-02-01 19:31:51 -------- d-----w- C:\Users\Judy\AppData\Local\{9D082E74-5451-43D4-8A8B-11644B9BAFB6}
2013-01-31 18:59:24 -------- d-----w- C:\Users\Judy\AppData\Local\{72312DEE-274F-4C46-949D-688C08D493D9}
2013-01-30 19:54:15 -------- d-----w- C:\Users\Judy\AppData\Local\{16FD88CB-F5DB-4009-8978-7DA6A51290C7}
2013-01-29 20:59:49 -------- d-----w- C:\Users\Judy\AppData\Local\{FF30CEE9-875C-4A39-87E3-55930C314C59}
2013-01-28 17:49:05 -------- d-----w- C:\Users\Judy\AppData\Local\{743EB50A-EB81-4816-8B5C-2336AA9E37F1}
2013-01-28 00:22:10 -------- d-----w- C:\Users\Judy\AppData\Roaming\My Games
2013-01-27 20:44:52 -------- d-----w- C:\Users\Judy\AppData\Local\{9568981B-B182-409F-A208-45C97C53D347}
2013-01-26 17:18:20 -------- d-----w- C:\Users\Judy\AppData\Local\{3CE37522-767F-4373-B715-D09FEA67EAE5}
2013-01-25 04:02:43 -------- d-----w- C:\Users\Judy\AppData\Local\{F5D8F018-3D04-4EFA-AA26-56A5C520B281}
2013-01-24 16:02:17 -------- d-----w- C:\Users\Judy\AppData\Local\{C59E06A2-B3A1-40E0-86F1-12EF76C740CD}
2013-01-23 15:04:15 -------- d-----w- C:\Users\Judy\AppData\Local\{2B651401-26C1-41CE-A211-D761040D9E57}
2013-01-23 08:09:53 -------- d-----w- C:\Users\Judy\AppData\Roaming\Oberon Media
2013-01-23 08:07:02 -------- d-----w- C:\Program Files (x86)\Common Files\Oberon Media
2013-01-23 08:06:57 -------- d-----w- C:\ProgramData\Oberon Media
2013-01-23 08:02:18 -------- d-----w- C:\Program Files (x86)\Oberon Media
2013-01-23 08:02:17 -------- d-----w- C:\Program Files (x86)\MSN Games
2013-01-23 02:13:54 -------- d-----w- C:\Users\Judy\AppData\Local\{94B80214-33C3-4EFF-AE5F-2BEAB77674AB}
2013-01-22 03:54:08 -------- d-----w- C:\Users\Judy\AppData\Local\{7BA34A04-2FC1-4710-9ABF-6DA77C0477EB}
2013-01-20 23:40:21 -------- d-----w- C:\Users\Judy\AppData\Local\{E0ACC8E9-35F6-49D7-8485-B2594307C9E0}
.
==================== Find3M ====================
.
2013-02-08 01:40:32 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-08 01:40:32 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-17 07:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
.
============= FINISH: 0:04:03.93 ===============

Attached Files

Image may be NSFW. Clik here to view.

Attach.zip (35.3 KB)

I can get on the net with IE but not with Firefox. I may have a virus?

My laptop screen goes completely white. It used to be less frequent before and would start working when I restarted the laptop. However its happening more often in the last two days. It does not go back to normal even when I restart it. The screen is totally white (no icon or windows). When i restart i see the DELL screen for a split nano second and then the screen goes white. I think the laptop is still functioning but its just the screen that goes blank. I say this because I was videochatting the other day when the screen turned white. I could still hear the voice and continue the chat. Also the numlock and capslock seem to be working. I am just worried cos its happening more often now and I think one day it will totally shut off and I will lose all my files. I had to restart my laptop atleast 5-6 times while following the 'spyware 1st steps'.

I don't think I have a Windows Install disc, or a Boot CD.

I have asked for help in techsupport forum before and also regularly follow all the steps you have suggested to keep my computer safe from virus but dont know why this is happening. So please help me. TIA

========================================================

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2
Run by Rupa Ram at 0:24:34 on 2013-02-27
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2012.1091 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\windows\system32\NIJCYC~1.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
c:\program files\zatptmjivavwplp\nijcycvsr.exe
c:\program files\zatptmjivavwplp\nijcycvsr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Rupa Ram\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1Qzu0FtDyE0D0AtByE0E0CtC0DzztByDtBtCzztN0D0TzutBtDtCtCtDzztDyE&cr=16061946
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120629083950.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [googletalk] c:\users\rupa ram\appdata\roaming\google\google talk\googletalk.exe /autostart
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Facebook Update] "c:\users\rupa ram\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [AdobeBridge] <no file>
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McPvTray_exe] "c:\program files\mcafee\mat\McPvTray.exe"
mRun: [HPUsageTrackingLEDM] "c:\program files\hp\hp ut ledm\bin\hppusg.exe" "c:\program files\hp\hp ut ledm\"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=972
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{AB9F8FC8-7319-4199-BA04-75F1EC9EAC47} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\rupa ram\appdata\roaming\mozilla\firefox\profiles\q58p8n2i.default\
FF - prefs.js: browser.search.selectedEngine - Blekko
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=435&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=6182919531974445&o=APN10645&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\rupa ram\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\rupa ram\appdata\roaming\mozilla\firefox\profiles\q58p8n2i.default\extensions\logmeinclient@logmein.com\plugins\npLMI64.dll
FF - plugin: c:\users\rupa ram\appdata\roaming\mozilla\firefox\profiles\q58p8n2i.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
.
============= SERVICES / DRIVERS ===============
.
R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2011-12-7 64048]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 464304]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-12-7 169608]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\rsdrv.sys [2012-2-19 22312]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-12-7 64912]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2011-12-7 54776]
R2 cmmtsyccobznml;cmmtsyccobznml;c:\windows\system32\NIJCYC~1.EXE [2011-3-22 110592]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2009-6-24 136704]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2011-12-16 99896]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 20992]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2012-10-19 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-8-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-12-12 47640]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-12-7 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-12-7 214904]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-12-7 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-12-7 166288]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-12-7 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-12-7 151880]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\nitro pdf\reader\NitroPDFReaderDriverService.exe [2011-1-14 196912]
R2 rimspci;rimspci;c:\windows\system32\drivers\rimspe86.sys [2010-8-25 47104]
R2 risdpcie;risdpcie;c:\windows\system32\drivers\risdpe86.sys [2010-8-25 49152]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
R2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-12-7 57600]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2010-9-19 143968]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-12-7 180848]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-12-7 340920]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-8-25 167936]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-9-19 13336]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-12-7 214904]
S2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2010-9-19 134144]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-12-7 59456]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-12-7 87656]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [2011-12-16 17408]
S3 rixdpcie;rixdpcie;c:\windows\system32\drivers\rixdpe86.sys [2010-8-25 38400]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-4-8 1343400]
.
=============== Created Last 30 ================
.
2013-02-27 04:21:56 -------- d-----w- c:\program files\iPod
2013-02-27 04:21:55 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-27 04:21:55 -------- d-----w- c:\program files\iTunes
2013-02-26 20:19:42 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-14 05:41:26 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 05:41:20 3957608 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-14 05:41:20 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 05:41:16 1287528 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 05:41:15 187240 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-31 06:11:32 -------- d-----w- c:\users\rupa ram\appdata\roaming\com.Shutterfly.ExpressUploader
2013-01-31 06:11:26 -------- d-----w- c:\program files\Shutterfly
.
==================== Find3M ====================
.
2013-02-26 20:19:29 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-26 20:19:29 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-07 21:47:18 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-07 21:47:18 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-10 05:59:56 0 ----a-w- c:\windows\system32\sho6723.tmp
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-01-04 04:50:40 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:46:33 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-04 02:59:29 271360 ----a-w- c:\windows\system32\conhost.exe
2013-01-04 02:43:35 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43:34 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43:34 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43:34 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-12-16 14:25:27 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:25:19 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 19:50:38 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 19:50:38 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-12-07 05:04:20 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 04:57:38 2576384 ----a-w- c:\windows\system32\gameux.dll
.
============= FINISH: 0:32:50.86 ===============

Attached Files

Image may be NSFW. Clik here to view.

attach.zip (16.6 KB)

Hi,

A couple of days ago, I came to my computer and saw that Norton 360 had discovered several bugs and reported that it was unable to remove them. Here's the list:
Suspicious.Cloud.7.F
Trojan.Maljava
Suspicious.Cloud.7.F
Suspicious.Cloud.7.F
Suspicious.Cloud.7.F
WS.Malware.1
WS.Malware.2
Trojan.Gen.2
Trojan.Maljava

I rescanned as it instructed, but had no luck. When I ran Norton Power Eraser, the only thing it found were cookies that it removed. Malwarebytes also found nothing. Don't know if this is a false positive, but I don't remember installing anything recently that would trigger this. The system doesn't seem to be running any differently, but I want to make sure I'm not infected.

I tried to run gmer, but the first time it ran for over 12hrs and still was not finished. The second time, it crashed my system (bsod) and I didn't have time to note the error code. The dds log is below. Thanks.

-----------------------------------------------------------------------

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by Administrator at 15:36:03 on 2013-02-27
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.3071.1191 [GMT -6:00]
.
AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton 360 Premier Edition\Engine\20.3.0.36\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\hp\KBD\kbd.exe
C:\Windows\SMINST\Scheduler.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
C:\Program Files\Box Sync\BoxSyncHelper.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Retrospect\Retrospect Express HD 2.0\retrorun.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\SAgent4.exe
C:\Program Files\Launchy\Launchy.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Norton 360 Premier Edition\Engine\20.3.0.36\ccSvcHst.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Secunia\PSI\PSI_TRAY.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\vds.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*Yahoo! SearchBar Home Page
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*Yahoo!
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*Yahoo! SearchBar Home Page
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo!
uProxyServer = hxxp=ca.pickaproxy.com:8132;https=ca.pickaproxy.com:8132;socks=ca.pickaproxy.com:9072
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo!
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton 360 premier edition\engine\20.3.0.36\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton 360 premier edition\engine\20.3.0.36\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPToolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn3\YTSingleInstance.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360 premier edition\engine\20.3.0.36\coieplg.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - c:\program files\lastpass\LPToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton 360 premier edition\engine\20.3.0.36\coieplg.dll
EB: Adobe PDF: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [Steam] "k:\steam\steam.exe" -silent
uRun: [Artisan 810(Network) (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatifra.exe /fu "c:\users\admini~1\appdata\local\temp\E_S781D.tmp" /EF "HKCU"
uRun: [Wisdom-soft ScreenHunter 5.1 Free] 0
uRun: [HP Officejet Pro 8600 (NET)] "c:\program files\hp\hp officejet pro 8600\bin\ScanToPCActivationApp.exe" -deviceID "CN1BT1R0V105KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [Google Update] "c:\users\administrator\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [Recguard] c:\windows\sminst\Recguard.exe
mRun: [Scheduler] c:\windows\sminst\Scheduler.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [Display] c:\program files\apc\apc powerchute personal edition\DataCollectionLauncher.exe
mRun: [EEventManager] c:\progra~1\epsons~1\eventm~1\EEventManager.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdcBase.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [BoxSyncHelper] "c:\program files\box sync\BoxSyncHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\administrator\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\boxsyn~1.lnk - c:\program files\box sync\BoxSync.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\instal~2.lnk - c:\program files\common files\lpuninstall.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\instal~1.lnk - c:\program files\common files\lpuninstall.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\launchy.lnk - c:\program files\launchy\Launchy.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\miniey~1.lnk - c:\program files\infinite mind lc\eyeq\ARLaunch.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\monaco~1.lnk - c:\program files\monaco systems\monacooptix 2.0\MonacoGamma.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\monaco~2.lnk - c:\program files\monaco systems\monacooptix 2.0\Monaco Reminder.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: FilterAdministratorToken = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: LastPass - c:\users\administrator\appdata\locallow\lastpass\context.html?cmd=lastpass
IE: LastPass Fill Forms - c:\users\administrator\appdata\locallow\lastpass\context.html?cmd=fillforms
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPToolbar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{2A1AE635-55B7-43AD-A787-84B2303B1629} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{9FA8A83C-EC4B-4141-84DB-EF60B1CB6A43} : DHCPNameServer = 192.168.0.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - <orphaned>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\administrator\appdata\roaming\mozilla\firefox\profiles\bqmavmny.default-1351273924771\
FF - prefs.js: browser.startup.homepage - hxxp://my.yahoo.com/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npArtistScope.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmidas.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\administrator\appdata\local\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\users\administrator\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\administrator\appdata\roaming\mozilla\firefox\profiles\bqmavmny.default-1351273924771\extensions\logmeinclient@logmein.com\plugins\npLMI64.dll
FF - plugin: c:\users\administrator\appdata\roaming\mozilla\firefox\profiles\bqmavmny.default-1351273924771\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\users\administrator\appdata\roaming\mozilla\plugins\npcoolirisplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_171.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
FF - ExtSQL: 2013-01-11 09:36; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-02-22 10:12; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.1.22\coFFPlgn
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\1403000.024\symds.sys [2013-2-26 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\1403000.024\symefa.sys [2013-2-26 934488]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.1.22\definitions\bashdefs\20130208.001\BHDrvx86.sys [2013-2-12 997464]
R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\1403000.024\ccsetx86.sys [2013-2-26 134304]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.2.1.22\definitions\ipsdefs\20130226.001\IDSvix86.sys [2013-2-26 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\1403000.024\ironx86.sys [2013-2-26 175264]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\1403000.024\symtdiv.sys [2013-2-26 350368]
R2 APC Data Service;APC Data Service;c:\program files\apc\apc powerchute personal edition\dataserv.exe [2010-9-14 21880]
R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2009-2-20 266240]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-6-3 21504]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-9-29 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-8-27 47640]
R2 N360;Norton 360;c:\program files\norton 360 premier edition\engine\20.3.0.36\ccsvchst.exe [2013-2-26 144520]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\nvidia corporation\performance drivers\nvPDsvc.exe [2010-4-30 3795560]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-2-7 1223704]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-2-7 660504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2008-5-16 2789160]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-22 180736]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-2-6 106656]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2013-2-27 30616]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-2-7 16024]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2008-5-16 15656]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2009-6-4 19968]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon_IBV32.sys [2006-11-2 87168]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-10 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 jumi;%Jumi%;c:\windows\system32\drivers\jumi.sys [2009-7-23 6528]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 VirtDisk;XSS Virtual Disk Driver;c:\windows\sminst\virtdisk.sys [2008-4-5 105472]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2013-02-27 21:18:48 -------- d-----w- C:\MGtools
2013-02-27 21:08:01 30616 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2013-02-27 21:05:53 -------- d-----w- c:\programdata\HitmanPro
2013-02-27 20:47:26 1897963 ----a-w- C:\MGtools.exe
2013-02-27 20:18:37 -------- d-----w- C:\NPE
2013-02-27 18:55:17 -------- d-----w- c:\users\administrator\appdata\local\Secunia PSI
2013-02-27 18:54:57 -------- d-----w- c:\program files\Secunia
2013-02-27 17:25:39 -------- d-----w- c:\windows\system32\drivers\nbrtwizard\0501000.01A
2013-02-27 17:25:39 -------- d-----w- c:\windows\system32\drivers\NBRTWizard
2013-02-27 17:25:35 -------- d-----w- c:\program files\Norton Bootable Recovery Tool Wizard
2013-02-27 15:57:04 -------- d-----w- c:\users\administrator\appdata\local\NPE
2013-02-27 02:49:09 350368 ----a-w- c:\windows\system32\drivers\n360\1403000.024\symtdiv.sys
2013-02-27 02:49:09 338592 ----a-w- c:\windows\system32\drivers\n360\1403000.024\symnets.sys
2013-02-27 02:49:08 934488 ----a-w- c:\windows\system32\drivers\n360\1403000.024\symefa.sys
2013-02-27 02:49:08 602712 ----a-w- c:\windows\system32\drivers\n360\1403000.024\srtsp.sys
2013-02-27 02:49:08 367704 ----a-w- c:\windows\system32\drivers\n360\1403000.024\symds.sys
2013-02-27 02:49:08 32344 ----a-w- c:\windows\system32\drivers\n360\1403000.024\srtspx.sys
2013-02-27 02:49:08 21400 ----a-r- c:\windows\system32\drivers\n360\1403000.024\symelam.sys
2013-02-27 02:49:08 175264 ----a-w- c:\windows\system32\drivers\n360\1403000.024\ironx86.sys
2013-02-27 02:49:08 134304 ----a-w- c:\windows\system32\drivers\n360\1403000.024\ccsetx86.sys
2013-02-27 02:48:40 14818 ----a-w- c:\windows\system32\drivers\n360\1403000.024\symvtcer.dat
2013-02-27 02:48:40 -------- d-----w- c:\windows\system32\drivers\n360\1403000.024
2013-02-21 21:14:45 -------- d-----w- c:\program files\iPod
2013-02-21 21:14:43 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-02-21 21:14:43 -------- d-----w- c:\program files\iTunes
2013-02-15 22:31:23 186432 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-02-14 09:11:34 768000 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2013-02-13 20:28:43 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 20:28:32 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-13 20:28:31 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 20:28:23 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 20:28:22 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-11 19:56:01 -------- d-----w- c:\program files\Cisco Systems
2013-02-11 19:51:40 -------- d-----w- c:\programdata\Cisco Systems
2013-02-08 17:17:18 -------- d-----w- c:\program files\Lightworks
2013-02-07 12:15:22 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys
2013-02-06 20:03:17 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-31 00:19:00 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2013-01-31 00:19:00 -------- d-----w- c:\program files\Symantec
2013-01-31 00:01:30 -------- d-----w- c:\windows\system32\drivers\N360
2013-01-31 00:01:25 -------- d-----w- c:\program files\Norton 360 Premier Edition
2013-01-30 23:20:29 -------- d-----w- c:\users\administrator\appdata\roaming\iMobie
2013-01-30 23:20:18 -------- d-----w- c:\users\administrator\appdata\local\iMobie_Inc
2013-01-30 23:19:54 -------- d-----w- c:\program files\iMobie
2013-01-29 00:18:17 4141056 ----a-w- c:\windows\eyeQ Screen Saver.scr
2013-01-29 00:18:01 -------- d-----w- c:\program files\Infinite Mind LC
2013-01-28 23:29:24 -------- d-----w- c:\users\administrator\appdata\local\{72169E58-7780-4CD8-A275-0051FB7F739A}
.
==================== Find3M ====================
.
2013-02-26 23:18:34 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-26 23:18:34 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-06 20:02:43 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-06 20:02:43 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-11 15:35:23 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-16 13:12:54 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50:29 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 22:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-13 19:50:38 6112864 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-12-13 19:50:38 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-11-28 16:11:56 11004488 ----a-w- c:\program files\common files\lpuninstall.exe
2008-06-09 19:08:35 774144 ----a-w- c:\program files\RngInterstitial.dll
.
============= FINISH: 15:36:40.11 ===============

Attached Files

Image may be NSFW. Clik here to view.

attach.zip (6.5 KB)

can some one help out on how to clean my pc as i downloaded a torant file with vuze and now mu pc is so slow i have scanned my pc with Trojan remover as well as free version supperantispyware pro, spybot, malewarebits anti mailware, and last of all avg, and my system is still the same :9 and it is windows 7 can someone suggest anything please. i have also downloaded hijack this as well and i have uploaded a log file thanks.

Attached Files

Image may be NSFW. Clik here to view.

hijackthis.txt (17.8 KB)

Hi

This morning an unknown amount of e-mails were sent to people either in my contacts folder or listed in the ' sent ' folder.

This is the link in the e-mail

hxxp://www.macopharma-equipment.com/kevt/1a0w9o62.hwlfs0nxf5?yxcrt1vj
Mom Earns $6,795/Month Part-Time - CNBC

which redirects to this spoof CNBC page
hxxp://cangetworkathome3.nl/?12/207
Mom Earns $6,795/Month Part-Time - CNBC

Another is this


http://www.neubert-wirtz.de/duth/8boply25e3k.ggdkorxgv?iwyib2szrue3y7ykm
Mom Earns $6,795/Month Part-Time - CNBC


Can't find any reference to this on the net, other than the " cangetworkathome " website has been searched for on URLQuery with these two results

" ET TROJAN Likely Koobface Beaconing (getexe) "
" MALWARE-CNC Koobface worm executable download "

but i have no viruses on my computer ?

Hi guys,
Just bought an obd cable and ecu diagnostic software from ebay.
ELM327 + 5 Discs LATEST OBD 1 & 2 CAR DIAGNOSTIC SOFTWARE ECU REMAPPING TUNING

When I install the disk that came with the cable AVG antivirus detects a virus

PSW.Generic8.BFIK

I googled it and looked on the fiat forum to see if there was any previous threads relating to this issue.
I have found several conflicting reports when googled some stating it must be removed, and others stating that for the cable and software to work it must be installed, and is not a threat.

Has anyone any information on this issue

Many thanks

legepe

Hey guys,

First off thanks in advance for your help. It's much appreciated.

I have the same problem explained here: http://www.techsupportforum.com/foru...em-563818.html

I did the FRST scan and I have the FRST log, but I'm not sure of the next step. Here's the log below. If someone can tell me what to do next that would be great!

----------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2013
Ran by SYSTEM at 01-03-2013 20:17:47
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [MRT] "C:\Windows\system32\MRT.exe" /R [70004024 2013-02-16] (Microsoft Corporation)
HKU\Meghan\...\Winlogon: [Shell] Explorer.exe
HKLM\...\Runonce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) ===================

3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 AffinegyService; "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe" [566688 2011-02-24] (Affinegy, Inc.)
2 N360; "C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Norton 360\Engine\6.4.1.14\diMaster.dll" /prefetch:1 [309688 2012-04-12] (Symantec Corporation)
3 Roxio UPnP Renderer 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [313840 2009-06-26] (Sonic Solutions)
2 Roxio Upnp Server 10; "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" [362992 2009-06-26] (Sonic Solutions)
2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-23] (Realtek Semiconductor)
3 SampleCollector; "C:\Program Files\Sony\VAIO Care\collsvc.exe" "/service" "/counter=\Processor(_Total)\% Processor Time:5" "/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:5" "/counter=\Network Interface(*)\Bytes Total/sec:5" "/directory=inteldata" [167424 2008-09-29] (Intel Corporation)
3 SOHDBSvr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [70952 2009-07-27] (Sony Corporation)
3 SOHPlMgr; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe" [91432 2009-07-27] (Sony Corporation)
2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2009-07-23] (Sony Corporation)
3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM [313264 2009-07-23] (Sony Corporation)
2 VzCdbSvc; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" [206336 2009-07-23] (Sony Corporation)

==================== Drivers (Whitelisted) =====================

3 ArcSoftKsUFilter; C:\Windows\System32\Drivers\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [1384608 2012-10-23] (Symantec Corporation)
1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-09] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-01-13] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\IPSDefs\20130113.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20130113.009\ENG64.SYS [126112 2013-01-13] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20130113.009\EX64.SYS [2084000 2013-01-13] (Symantec Corporation)
2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2012-03-28] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-10] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2012-03-28] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2012-03-28] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-02-24 10:54 - 2013-02-24 10:54 - 00000000 ____D C:\NBRT
2013-02-22 17:05 - 2013-02-22 17:05 - 02814956 ____A C:\Users\Meghan\Downloads\Video.MOV
2013-02-22 16:53 - 2013-02-22 16:53 - 00000000 ____D C:\Windows\System32\Macromed
2013-02-20 17:53 - 2013-02-20 17:53 - 00000000 ____D C:\Program Files\Symantec
2013-02-20 17:51 - 2013-02-28 22:29 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-02-18 17:39 - 2013-02-18 17:39 - 00010900 ____A C:\Users\Meghan\Downloads\Melissa Shower List.xlsx
2013-02-17 19:27 - 2013-02-18 17:35 - 00010900 ____A C:\Users\Meghan\Desktop\Melissa Shower List.xlsx
2013-02-16 13:46 - 2013-01-08 17:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-02-16 13:46 - 2013-01-08 17:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-02-16 13:46 - 2013-01-08 17:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-02-16 13:46 - 2013-01-08 17:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-02-16 13:46 - 2013-01-08 17:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-02-16 13:46 - 2013-01-08 17:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-02-16 13:46 - 2013-01-08 17:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-02-16 13:46 - 2013-01-08 17:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-02-16 13:46 - 2013-01-08 17:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-02-16 13:46 - 2013-01-08 17:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-02-16 13:46 - 2013-01-08 17:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-02-16 13:46 - 2013-01-08 17:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-02-16 13:46 - 2013-01-08 17:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-02-16 13:46 - 2013-01-08 17:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-02-16 13:46 - 2013-01-08 17:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-02-16 13:46 - 2013-01-08 17:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-02-16 13:46 - 2013-01-08 14:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-02-16 13:46 - 2013-01-08 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-02-16 13:46 - 2013-01-08 14:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-02-16 13:46 - 2013-01-08 14:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-02-16 13:46 - 2013-01-08 14:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-02-16 13:46 - 2013-01-08 14:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-02-16 13:46 - 2013-01-08 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-02-16 13:46 - 2013-01-08 14:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-02-16 13:46 - 2013-01-08 13:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-02-16 13:46 - 2013-01-08 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-02-16 13:46 - 2013-01-08 13:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-02-16 13:46 - 2013-01-08 13:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-02-16 13:46 - 2013-01-08 13:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-02-16 13:46 - 2013-01-08 13:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-02-16 13:46 - 2013-01-08 13:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-02-16 13:46 - 2013-01-08 13:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-02-16 12:57 - 2013-02-16 12:57 - 00002531 ____A C:\Users\Public\Desktop\TurboTax 2012.lnk
2013-02-15 10:08 - 2013-01-03 21:41 - 01893224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-02-15 10:08 - 2013-01-03 21:40 - 00287576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-02-15 10:08 - 2013-01-03 21:37 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-02-15 10:08 - 2013-01-03 21:37 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-02-15 10:08 - 2013-01-03 21:37 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-02-15 10:08 - 2013-01-03 21:36 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-02-15 10:08 - 2013-01-03 21:33 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-02-15 10:08 - 2013-01-03 21:30 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-02-15 10:08 - 2013-01-03 21:30 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 21:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:51 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-02-15 10:08 - 2013-01-03 20:51 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-02-15 10:08 - 2013-01-03 20:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 20:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 19:22 - 03150848 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-02-15 10:08 - 2013-01-03 19:19 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-02-15 10:08 - 2013-01-03 18:48 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-02-15 10:08 - 2013-01-03 18:48 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-02-15 10:08 - 2013-01-03 18:48 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-02-15 10:08 - 2013-01-03 18:48 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-02-15 10:08 - 2013-01-03 18:43 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 18:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 18:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-02-15 10:08 - 2013-01-03 18:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-02-06 19:42 - 2013-02-06 19:42 - 00009075 ____A C:\Users\Meghan\Downloads\Melissa Shower(1).xlsx
2013-02-06 19:36 - 2013-02-06 19:36 - 00009217 ____A C:\Users\Meghan\Downloads\Outlook.zip
2013-02-03 14:08 - 2013-02-18 17:36 - 00011943 ____A C:\Users\Meghan\Desktop\Melissa Shower.xlsx
2013-02-03 14:07 - 2013-02-03 14:07 - 00009134 ____A C:\Users\Meghan\Downloads\Melissa Shower.xlsx


==================== One Month Modified Files and Folders =======

2013-02-28 22:29 - 2013-02-20 17:51 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2013-02-28 22:29 - 2012-01-31 18:27 - 00000000 ____D C:\Windows\System32\Drivers\N360x64
2013-02-28 22:29 - 2012-01-14 09:27 - 00000000 ____D C:\Program Files (x86)\Norton 360
2013-02-28 22:29 - 2009-11-15 14:38 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-02-28 22:29 - 2009-11-15 14:33 - 00000000 ____D C:\users\Meghan
2013-02-28 22:29 - 2009-09-03 01:28 - 00000000 ____D C:\ProgramData\Norton
2013-02-28 22:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-02-28 22:29 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-02-24 10:54 - 2013-02-24 10:54 - 00000000 ____D C:\NBRT
2013-02-22 17:05 - 2013-02-22 17:05 - 02814956 ____A C:\Users\Meghan\Downloads\Video.MOV
2013-02-22 16:53 - 2013-02-22 16:53 - 00000000 ____D C:\Windows\System32\Macromed
2013-02-20 17:53 - 2013-02-20 17:53 - 00000000 ____D C:\Program Files\Symantec
2013-02-18 17:39 - 2013-02-18 17:39 - 00010900 ____A C:\Users\Meghan\Downloads\Melissa Shower List.xlsx
2013-02-18 17:36 - 2013-02-03 14:08 - 00011943 ____A C:\Users\Meghan\Desktop\Melissa Shower.xlsx
2013-02-18 17:35 - 2013-02-17 19:27 - 00010900 ____A C:\Users\Meghan\Desktop\Melissa Shower List.xlsx
2013-02-18 16:20 - 2009-10-23 06:16 - 02089543 ____A C:\Windows\WindowsUpdate.log
2013-02-18 16:16 - 2012-10-07 05:54 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-02-18 16:16 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-02-18 16:16 - 2009-07-13 20:51 - 00087394 ____A C:\Windows\setupact.log
2013-02-17 19:04 - 2012-10-07 05:54 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-02-17 18:36 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2013-02-17 18:36 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-02-17 18:36 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-02-16 20:57 - 2012-01-21 08:52 - 00000000 ____D C:\Users\Meghan\Desktop\Tax Returns
2013-02-16 14:12 - 2009-07-13 20:45 - 00459696 ____A C:\Windows\System32\FNTCACHE.DAT
2013-02-16 13:54 - 2012-02-17 15:57 - 00000129 ____A C:\Windows\System32\MRT.INI
2013-02-16 13:52 - 2012-01-31 17:52 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-02-16 12:58 - 2012-02-05 14:30 - 00000629 ____A C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-02-16 12:57 - 2013-02-16 12:57 - 00002531 ____A C:\Users\Public\Desktop\TurboTax 2012.lnk
2013-02-16 12:55 - 2011-03-26 17:38 - 00000000 ____D C:\Program Files (x86)\TurboTax
2013-02-09 10:32 - 2012-05-10 17:35 - 00002499 ____A C:\Users\Public\Desktop\Norton 360.lnk
2013-02-06 19:42 - 2013-02-06 19:42 - 00009075 ____A C:\Users\Meghan\Downloads\Melissa Shower(1).xlsx
2013-02-06 19:36 - 2013-02-06 19:36 - 00009217 ____A C:\Users\Meghan\Downloads\Outlook.zip
2013-02-03 14:07 - 2013-02-03 14:07 - 00009134 ____A C:\Users\Meghan\Downloads\Melissa Shower.xlsx


ATTENTION: ========> Check for possible partition/boot infection:
C:\Windows\svchost.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-02-08 16:55:32
Restore point made on: 2013-02-08 20:16:23
Restore point made on: 2013-02-10 03:04:04
Restore point made on: 2013-02-11 17:49:09
Restore point made on: 2013-02-11 19:35:03
Restore point made on: 2013-02-16 12:56:29
Restore point made on: 2013-02-16 13:46:11
Restore point made on: 2013-02-16 21:00:11
Restore point made on: 2013-02-18 16:20:59
Restore point made on: 2013-02-18 19:46:17
Restore point made on: 2013-02-20 17:46:15
Restore point made on: 2013-02-21 15:38:06
Restore point made on: 2013-02-21 19:36:00
Restore point made on: 2013-02-23 05:51:32
Restore point made on: 2013-02-23 12:03:35
Restore point made on: 2013-02-23 21:00:48

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3935.02 MB
Available physical RAM: 3319.44 MB
Total Pagefile: 3933.17 MB
Available Pagefile: 3304.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:290.09 GB) (Free:232 GB) NTFS
2 Drive e: (Recovery) (Fixed) (Total:7.9 GB) (Free:0.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: (STORE N GO) (Removable) (Total:3.75 GB) (Free:3.75 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 3850 MB 0 B

Partitions of Disk 0:
===============

Disk ID: A2EB41AF

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 8093 MB 1024 KB
Partition 2 Primary 100 MB 8094 MB
Partition 3 Primary 290 GB 8 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E Recovery NTFS Partition 8093 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 290 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Disk ID: C3072E18

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3849 MB 31 KB

==================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G STORE N GO FAT32 Removable 3849 MB Healthy

=========================================================

Last Boot: 2013-02-15 16:23

==================== End Of Log =============================

my system seams to be getting really slow when i click on links it takes about 2 minutes for the link to open as i have done scans with all the free tools available to me i use to download torrents as well so can someone clean out my system for me please or just have a look at what is going on.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464
Run by wayne at 10:45:04 on 2013-03-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4079.1038 [GMT 10:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Windows\System32\alg.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\TurboYourPC\TurboYourPCTray.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Users\wayne\AppData\Local\Mozilla Firefox\firefox.exe
C:\Users\wayne\AppData\Local\Mozilla Firefox\plugin-container.exe
C:\Users\wayne\AppData\Local\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchnu.com/406
uSearch Bar = Preserve
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\6.9\iobitappsToolbarIE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: IObit Apps Toolbar: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\6.9\iobitappsToolbarIE.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoThumbnailCache = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{AEDB4C5B-511E-4F24-8612-EBAA388B3A8F} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{CBC15570-2490-4E9D-B37C-9C2452B7E641} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: avgsecuritytoolbar - <Clsid value has no data>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: DataMngr: {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitIEAddin64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: avgsecuritytoolbar - <Clsid value has no data>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&CUI=UN70031433728806666&UM=1&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.au/
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=420&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3100940617624097&o=APN10645&q=
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\NP65Stub.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\wayne\AppData\Local\Fuze Box\Fuze Meeting\npfuzeshare.dll
FF - plugin: C:\Users\wayne\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\np-mswmp.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{edbc2cbd-b8ae-4185-a1fd-4badf47dc4da}\plugins\np-mswmp.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{edbc2cbd-b8ae-4185-a1fd-4badf47dc4da}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\wayne\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
FF - ExtSQL: 2013-02-03 15:31; firebug@software.joehewitt.com; C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2013-02-03 17:56; 65ffxtbr@FromDocToPDF_65.com; C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\65ffxtbr@FromDocToPDF_65.com
FF - ExtSQL: 2013-02-24 08:17; {edbc2cbd-b8ae-4185-a1fd-4badf47dc4da}; C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{edbc2cbd-b8ae-4185-a1fd-4badf47dc4da}
FF - ExtSQL: 2013-02-24 10:27; {B81B80BF-8F35-4BC0-9236-EFB3F7EE9282}; C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{B81B80BF-8F35-4BC0-9236-EFB3F7EE9282}.xpi
FF - ExtSQL: 2013-02-25 16:48; iobitapps@mybrowserbar.com; C:\Program Files (x86)\IObit Apps Toolbar\FF
FF - ExtSQL: 2013-02-27 20:06; {ba14329e-9550-4989-b3f2-9732e92d17cc}; C:\Users\wayne\AppData\Roaming\Mozilla\Firefox\Profiles\v1obdmfc.default-1351150431684\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
FF - ExtSQL: !HIDDEN! 2012-09-29 19:03; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2013-02-03 17:57; 65ffxtbr@FromDocToPDF_65.com; C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://start.roboform.com
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld - Search the web (Babylon)
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00040/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 2a479637000000000000ac81125f90e3
FF - user.js: extensions.Softonic.instlDay - 15663
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.421:19:34
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive
FF - user.js: extensions.Softonic.instlRef - INF00040
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=2a479637000000000000ac81125f90e3&q=
FF - user.js: extensions.BabylonToolbar.id - 2a479637000000000000ac81125f90e3
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15691
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.917:47:21
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=116301&tt=5112_3
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-15 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R0 SCMNdisP;General NDIS Protocol Driver;C:\Windows\System32\drivers\SCMNdisP.sys [2012-8-13 25312]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R1 SBRE;SBRE;C:\Windows\System32\drivers\sbredrv.sys [2012-9-28 45656]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-2-22 465216]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-8-13 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-4-26 237056]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-10-30 13592]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2009-3-10 951632]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-12 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-12 682344]
R2 RalinkRegistryWriter;RalinkRegistryWriter;C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [2012-8-16 372736]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2010-6-14 64600]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-28 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-28 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-28 168384]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2012-8-13 78952]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-9-15 2754984]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-9-19 2365792]
R2 WSWNA3100;WSWNA3100;C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [2012-8-13 285152]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-12 24176]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-12-13 36720]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-8-24 1885792]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-23 565352]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-8-28 11880]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 Codecs Pack Manager;Codecs Pack Manager;C:\ProgramData\Codecs Pack Manager\2.2.558.175\{16cdff19-861d-48e3-a751-d99a27784753}\codecmngr.exe [2012-8-16 1695776]
S2 RaMediaServer;Ralink UPnP Media Server;C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2012-8-16 625728]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-8-16 231440]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-8-13 57280]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-7-28 1511872]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-24 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-13 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== File Associations ===============
.
FileExt: .js: JSFile="C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" [default=Edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2013-03-01 13:45:52 -------- d-----w- C:\Users\wayne\AppData\Roaming\T55
2013-03-01 13:45:42 -------- d-----w- C:\Program Files (x86)\PC Speed Up
2013-03-01 12:55:39 -------- d-----w- C:\Users\wayne\AppData\Roaming\AVG2013
2013-03-01 12:53:25 -------- d--h--w- C:\$AVG
2013-03-01 12:53:25 -------- d-----w- C:\ProgramData\AVG2013
2013-03-01 12:49:47 -------- d-----w- C:\Users\wayne\AppData\Local\MFAData
2013-03-01 12:49:47 -------- d-----w- C:\Users\wayne\AppData\Local\Avg2013
2013-03-01 12:49:47 -------- d-----w- C:\ProgramData\MFAData
2013-03-01 11:19:44 -------- d-----w- C:\ProgramData\Photo Notifier and Animation Creator
2013-03-01 11:19:44 -------- d-----w- C:\Program Files (x86)\Photo Notifier and Animation Creator
2013-03-01 09:27:07 -------- d-----w- C:\Users\wayne\AppData\Roaming\Smadav
2013-03-01 09:27:07 -------- d-----w- C:\Program Files (x86)\Smadav
2013-03-01 09:26:53 -------- d-sh--w- C:\[Smad-Cage]
2013-02-28 12:48:43 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-02-28 12:48:33 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-02-28 12:48:28 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-02-28 12:13:01 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys
2013-02-28 09:20:13 -------- d-----w- C:\ProgramData\Simply Super Software
2013-02-27 19:08:07 -------- d-----w- C:\Users\wayne\AppData\Roaming\File Scout
2013-02-27 12:23:19 -------- d-----w- C:\Program Files (x86)\Gophoto.it
2013-02-27 12:23:11 -------- d-----w- C:\Program Files (x86)\TornTV.com
2013-02-27 11:54:24 -------- d-----w- C:\ProgramData\Browser Manager
2013-02-27 11:45:53 -------- d-----w- C:\Program Files (x86)\Advanced Fix 2012
2013-02-27 10:16:07 -------- d-----w- C:\Program Files (x86)\TuneUpMedia
2013-02-27 10:16:06 -------- d-----w- C:\Users\wayne\AppData\Roaming\TuneUpMedia
2013-02-27 10:16:04 -------- d-----w- C:\ProgramData\TuneUpMedia
2013-02-27 09:45:16 -------- d-----w- C:\ProgramData\Wincert
2013-02-27 09:45:03 -------- d-----w- C:\Program Files (x86)\Search Results Toolbar
2013-02-26 09:52:39 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-26 09:52:39 -------- d-----w- C:\Program Files (x86)\iTunes
2013-02-26 07:29:27 -------- d-----w- C:\Program Files (x86)\Cliff Carrigan
2013-02-26 07:29:15 -------- d-----w- C:\Users\wayne\AppData\Local\Programs
2013-02-25 06:48:55 -------- d-----w- C:\Program Files (x86)\IObit Apps Toolbar
2013-02-25 06:48:45 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-02-23 11:21:59 -------- d-----w- C:\Users\wayne\AppData\Local\Mozilla Firefox
2013-02-22 03:33:21 -------- d-----w- C:\ProgramData\IObit
2013-02-22 03:10:32 -------- d-----w- C:\Users\wayne\AppData\Roaming\IObit
2013-02-22 03:10:31 -------- d-----w- C:\Program Files (x86)\IObit
2013-02-21 10:26:09 -------- d-----w- C:\Users\wayne\AppData\Roaming\com.longtailpro.LongTailPro
2013-02-21 10:26:00 -------- d-----w- C:\Program Files (x86)\LongTailPro
2013-02-16 20:42:31 -------- d-----w- C:\Users\wayne\AppData\Local\Fuze Box
2013-02-16 03:22:42 -------- d-----w- C:\Users\wayne\AppData\Local\assembly
2013-02-15 22:04:52 208448 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-02-13 17:03:28 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 17:03:28 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 09:04:48 -------- d-----w- C:\Users\wayne\AppData\Roaming\RealNetworks
2013-02-13 09:04:45 -------- d-----w- C:\Users\wayne\AppData\Roaming\OpenCandy
2013-02-13 09:04:32 -------- d-----w- C:\ProgramData\RealNetworks
2013-02-13 09:04:32 -------- d-----w- C:\Program Files (x86)\RealNetworks
2013-02-13 09:04:26 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2013-02-13 06:22:53 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-13 06:22:53 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 06:22:53 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 06:22:45 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-02-13 06:22:42 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 06:22:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 06:22:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 06:22:42 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 06:22:42 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 06:22:42 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 06:22:36 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 06:22:36 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-11 02:25:29 -------- d-----w- C:\Users\wayne\AppData\Roaming\EasyLinkGrabber
2013-02-11 02:20:12 -------- d-----w- C:\Program Files (x86)\EasyLinkGrabber
2013-02-10 11:01:22 -------- d-----w- C:\Users\wayne\AppData\Local\EasyProjectManager
2013-02-10 10:58:35 -------- d-----w- C:\Program Files (x86)\EasyProjectManager
2013-02-03 07:56:52 -------- d-----w- C:\Users\wayne\AppData\Local\FromDocToPDF_65
2013-02-03 07:56:49 -------- d-----w- C:\Program Files (x86)\FromDocToPDF_65
2013-02-03 06:23:32 -------- d-----w- C:\Users\wayne\AppData\Roaming\SocialRankJetSuite
2013-02-01 12:03:01 -------- d-----w- C:\Users\wayne\AppData\Roaming\JonathanLeger.com
2013-02-01 12:00:37 -------- d-----w- C:\Users\wayne\AppData\Local\JonathanLeger.com
2013-02-01 11:58:19 -------- d-----w- C:\Program Files (x86)\TheBestSpinner3
2013-02-01 10:39:02 -------- d-----w- C:\Program Files (x86)\IM Powerhouse
.
==================== Find3M ====================
.
2013-02-27 09:51:05 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 09:51:05 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-13 09:04:20 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-02-13 09:04:20 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-14 06:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
.
============= FINISH: 10:45:38.49 ===============

Attached Files

Image may be NSFW. Clik here to view.

attach.zip (8.0 KB)