User Tag List

Malware Problem/Rich

This is a discussion on Malware Problem/Rich within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. Hello, I am having a problem with internt browsing speed. I actually can't type without doing it very slowly. The


 
 
Thread Tools Search this Thread
Old 05-31-2012, 12:20 PM   #1
Registered Member
 
Join Date: May 2012
Posts: 1
OS: Windows7



Hello, I am having a problem with internt browsing speed. I actually can't type without doing it very slowly. The computer doesn't recognise the keys I have hit unless I wait for it to show up on the screen. I also haven't been able to download adobe flash player. I've done the DDS scan but I'm not sure if I've disabled the script blocker correctly. Please let me know if I have to try and get that done again. Here is the log file.

Thank You

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Richard at 13:00:59 on 2012-05-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2352 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\PROGRA~2\RETROG~2\bar\1.bin\2zbarsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
C:\Users\Richard\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Users\Richard\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbrmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Richard\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Richard\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=US&userid=51d035a0-288b-466d-88d1-92c0e60affdf&searchtype=ds&isid=9860&q={searchTerms}
uSearch Bar = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=US&userid=51d035a0-288b-466d-88d1-92c0e60affdf&searchtype=ds&isid=9860&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.helperbar.com/?publisher=W3i&dpid=W3i&co=US&userid=51d035a0-288b-466d-88d1-92c0e60affdf&searchtype=ds&isid=9860&q={searchTerms}
uURLSearchHooks: N/A: {1c583e40-0629-4bb9-ab68-1cf539f2f782} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrcAs.dll
uURLSearchHooks: N/A: {00a6faf6-072e-44cf-8957-5838f569a31d} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
mURLSearchHooks: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTran.dll
mURLSearchHooks: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
mWinlogon: Userinit=userinit.exe
BHO: MyWebSearch Search Assistant BHO: {00a6faf1-072e-44cf-8957-5838f569a31d} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: My Personal Homepage: {0538cf1c-8419-4800-adbb-0c00c799fda2} - C:\Users\Richard\AppData\Roaming\Genieo\Application\IEPlugins\bin\IEWrapper.dll
BHO: mwsBar BHO: {07b18ea1-a523-4961-b6bb-170de4475cca} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
BHO: ALOT Toolbar Helper: {14ceeaff-96dd-4101-ae37-d5ecdc23c3f6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll
BHO: PriceGongBHO Class: {1631550f-191d-4826-b069-d9439253d926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL
BHO: Search Assistant BHO: {6ffed9d8-942f-4384-aa29-d3bd083a346a} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrcAs.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: RewardsArcadeSuite: {b6ef6c45-5e8d-4c3b-b580-a5073261a381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll
BHO: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTran.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: NetAssistantBHO Class: {e38fa08e-f56a-4169-abf5-5c71e3c153a1} - C:\Program Files (x86)\Freeze.com\My.Freeze.com NetAssistant\NetAssistant.dll
BHO: Toolbar BHO: {fc1e426b-fa76-428f-b680-86ef1edb13c1} - C:\PROGRA~2\RETROG~2\bar\1.bin\2zbar.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
TB: ALOT Toolbar: {5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} - C:\Program Files (x86)\alot\bin\alot.dll
TB: My Web Search: {07b18ea9-a523-4961-b6bb-170de4475cca} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTran.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Retrogamer: {54ba686e-738f-42fe-badd-d8cb7cfbc07e} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll
TB: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
uRun: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
uRun: [WinCalendarV3] "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe /q /c"
uRun: [GenieoUpdaterService] "C:\Users\Richard\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5
uRun: [GenieoSystemTray] "C:\Users\Richard\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"
uRun: [Itibiti.exe] C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
uRun: [SansaDispatch] C:\Users\Richard\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [ChicaPasswordManager] C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe
uRun: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Browser Infrastructure Helper] C:\Users\Richard\AppData\Local\Smartbar\Application\Smartbar.exe startup
uRun: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [WinCalendarV3] "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" /q /c
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Retrogamer_2z Browser Plugin Loader] C:\PROGRA~2\RETROG~2\bar\1.bin\2zbrmon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
dRun: [WinCalendarV3] "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" /q /c
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://aolsvc.aol.com/onlinegames/heavyweapon/popcaploader_v10.cab
TCP: Interfaces\{077F909D-893B-4313-B022-7A36C382D954} : DhcpNameServer = 75.75.76.76 75.75.75.75
TCP: Interfaces\{077F909D-893B-4313-B022-7A36C382D954}\14344594F4E4455434 : DhcpNameServer = 10.0.0.1 205.171.3.25
TCP: Interfaces\{077F909D-893B-4313-B022-7A36C382D954}\26F6373747F6E6567353 : DhcpNameServer = 192.168.11.1
TCP: Interfaces\{077F909D-893B-4313-B022-7A36C382D954}\34F6D666F62747F594E6E6 : DhcpNameServer = 4.2.2.1
TCP: Interfaces\{077F909D-893B-4313-B022-7A36C382D954}\35E656C6C696E676D4F64756C6 : DhcpNameServer = 192.168.1.1 10.1.10.1
TCP: Interfaces\{077F909D-893B-4313-B022-7A36C382D954}\D6F6E6B65697 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{91CAB974-62BC-44F0-BA98-3C648D4E9331} : DhcpNameServer = 192.168.1.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: MyWebSearch Search Assistant BHO: {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
BHO-X64: MyWebSearch Search Assistant BHO - No File
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: My Personal Homepage: {0538CF1C-8419-4800-ADBB-0C00C799FDA2} - C:\Users\Richard\AppData\Roaming\Genieo\Application\IEPlugins\bin\IEWrapper.dll
BHO-X64: mwsBar BHO: {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
BHO-X64: mwsBar BHO - No File
BHO-X64: ALOT Toolbar Helper: {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll
BHO-X64: ALOT Toolbar Helper - No File
BHO-X64: PriceGongBHO Class: {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll
BHO-X64: PriceGong - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Search Assistant BHO: {6ffed9d8-942f-4384-aa29-d3bd083a346a} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrcAs.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
BHO-X64: Productivity 3.1 - No File
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: RewardsArcadeSuite: {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll
BHO-X64: RewardsArcadeSuite - No File
BHO-X64: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTran.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: NetAssistantBHO Class: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files (x86)\Freeze.com\My.Freeze.com NetAssistant\NetAssistant.dll
BHO-X64: NetAssistantBHO - No File
BHO-X64: Toolbar BHO: {fc1e426b-fa76-428f-b680-86ef1edb13c1} - C:\PROGRA~2\RETROG~2\bar\1.bin\2zbar.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
TB-X64: ALOT Toolbar: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll
TB-X64: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: TranslatorBar 5 Toolbar: {b9b97401-98e1-4942-930d-c36652dab7f2} - C:\Program Files (x86)\TranslatorBar_5\tbTran.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Retrogamer: {54ba686e-738f-42fe-badd-d8cb7cfbc07e} - C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll
TB-X64: Productivity 3.1 Toolbar: {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files (x86)\Productivity_3.1\prxtbProd.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
mRun-x64: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [WinCalendarV3] "C:\Program Files (x86)\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" /q /c
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Retrogamer_2z Browser Plugin Loader] C:\PROGRA~2\RETROG~2\bar\1.bin\2zbrmon.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [PC Cleaners] "C:\Program Files (x86)\PC Cleaners\PCCleaners.exe" /minimize
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20120517.001\BHDrvx64.sys [2012-5-25 1160824]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20120530.001\IDSviA64.sys [2012-5-31 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-9-1 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 MyWebSearchService;My Web Search Service;C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-10-10 28762]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccsvchst.exe [2012-4-4 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 Retrogamer_2zService;RetrogamerService;C:\PROGRA~2\RETROG~2\bar\1.bin\2zbarsvc.exe [2011-10-12 42504]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-5-18 935480]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 clwvd;HP Webcam Splitter;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-16 138360]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 257696]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-16 135664]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\rtl8187.sys --> C:\Windows\system32\DRIVERS\rtl8187.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-05-27 04:46:26 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0399E76F-3BAC-4768-877C-4C334CA61CC0}\mpengine.dll
2012-05-27 04:28:00 -------- d-----w- C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2012-05-26 03:37:58 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
2012-05-21 14:59:30 -------- d-----w- C:\Users\Richard\AppData\Roaming\PC Cleaners
2012-05-21 14:59:23 4101392 ----a-w- C:\Windows\uninst.exe
2012-05-21 14:59:23 -------- d-----w- C:\Users\Richard\AppData\Roaming\PCPro
2012-05-21 14:59:22 -------- d-----w- C:\ProgramData\PC1Data
2012-05-21 14:59:22 -------- d-----w- C:\Program Files (x86)\PC Cleaners
2012-05-18 20:30:45 -------- d-----w- C:\Users\Richard\AppData\Local\AVG Secure Search
2012-05-18 20:29:24 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-05-18 20:29:18 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-05-18 20:29:17 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-05-18 20:26:02 -------- d--h--w- C:\ProgramData\Common Files
2012-05-18 20:07:28 -------- d-----w- C:\Users\Richard\AppData\Roaming\Nico Mak Computing
2012-05-18 20:07:26 -------- d-----w- C:\Users\Richard\AppData\Roaming\OpenCandy
2012-05-18 20:07:24 18760 ----a-w- C:\Windows\System32\roboot64.exe
2012-05-12 11:02:20 -------- d-----w- C:\Program Files\iPod
2012-05-12 11:02:19 -------- d-----w- C:\Program Files\iTunes
2012-05-12 05:44:43 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-12 05:44:42 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-12 05:44:37 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-12 05:44:36 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-12 05:44:35 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-12 05:44:35 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-12 05:43:50 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-12 05:43:41 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-12 05:43:38 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-12 05:43:38 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
.
==================== Find3M ====================
.
2012-05-07 14:45:47 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-07 14:45:47 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-07 14:44:54 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
.
============= FINISH: 13:02:02.92 ===============
davisengineerin is offline  
Sponsored Links
Advertisement
 
Old 06-03-2012, 12:56 AM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

It appears you didn't attach the second dds log, Attach.txt, to your initial post.

Press the Windows "logo" key and "R" key then copy/paste the following into the Run box and click OK:

%temp%\attach.txt

A text file should open. Save it to your desktop then attach that file to your next reply.

------------------------------------------------------

Also...

Please download aswMBR.exe to your desktop.
  • Double-click aswMBR.exe to run it.
  • When prompted to download the latest Avast! virus definitions, please choose No
  • Click the Scan button to start scan.
  • Wait until it says, 'Scan finished successfully'. ( Note - do not select any Fix at this time)
  • Click Save log, and save it to your desktop.
  • Click Exit.
  • Please post the contents of that log, aswMBR.txt, in your next reply.
There shall also be a file on your desktop named MBR.dat. Right-click that file and select Send To > Compressed (zipped) folder. Please attach that zipped file in your next reply.

------------------------------------------------------

When you run this tool, remember to choose 'Skip' not 'Cure' if it finds something. We just want a scan, not a fix.

Download tdsskiller.exe and Save it to your Desktop.

Double-click tdsskiller.exe and click 'Run'

Click Change parameters then under 'Additional options' check the 'Detect TDLFS file system' > OK.

Click 'Start scan'.

If no infection is found, click 'Close' and let me know.

If an infection is found, select 'Skip' from the dropdown menu under 'Cure' then click 'Continue' > 'Close' > 'Close'.

It will produce a log here > C:\TDSSKiller.2.7.38.0_date_time_log.txt

Please navigate to the file, double-click to open it, and copy/paste the contents in your next reply.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-06-2012, 11:09 PM   #3
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Due to lack of response, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

IMPORTANT - Read This Before Posting For Malware Removal Help

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] WinXP SP3; IPC error, Shutdown Issues and Taskbar Color issues
Reposting from this link as advised: https://www.techsupportforum.com/forums/f10/external-drive-cam-detection-task-bar-going-grey-627991.html Hi Experts, I wanted to be update to get best performance and removed some services from running along with changes to MSconfig and ended up in...
protocoder Resolved HJT Threads 22 02-18-2012 05:04 AM
XP Anti-Virus 2011
I have this Virus called XP Anti-Virus 2011, i restarted my computer and tryed safe mode, but the start menu wont load in any mode, i cant open Firefox to download any anti virus or anything it blocked it, all my icons/start menu is gone it just shows background. Ive tryed looking on google but...
Plus2112 Inactive Malware Help Topics 13 06-10-2011 09:34 AM
Customised malware attacks grow increasingly widespread
The rising popularity of custom malware and the inability of antivirus software to keep pace poses potent challenges for enterprises trying to keep their systems secure. It's no secret that the goal of modern malware writers is to create attack software that is stealthy and flows undetected for...
Glaswegian Computer Security News 0 03-21-2011 02:35 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 04:15 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts