Inactive 8 Steps Finished

turbokat

OK, got them done:

Malwarebytes found no infected files, so posting the log seems pointless, I think.

GMER:

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-12 10:46:55
Windows 6.0.6002 Service Pack 2
Running: vnh46j5s.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x0E 0x0A 0xBA 0x73 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8A 0x7F 0xC2 0x08 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFC 0xFC 0x44 0xB2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x34 0x84 0x2E 0x7D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8A 0x7F 0xC2 0x08 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xFC 0xFC 0x44 0xB2 ...

---- EOF - GMER 1.0.15 ----



DDS


DDS (Ver_10-11-10.01) - NTFS_AMD64
Run by Jillian at 10:48:21.06 on 12/11/2010
Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.4028.2396 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Desktop Calendar\Desktop Calendar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\rpcnet.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jillian\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://sympatico.msn.ca/default.aspx?lang=en-ca
uDefault_Page_URL = hxxp://sympatico.msn.ca/default.aspx?lang=en-ca
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - No File
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [Desktop Calendar] C:\Program Files (x86)\Desktop Calendar\Desktop Calendar.exe
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [BatteryCare] "C:\Program Files (x86)\BatteryCare\BatteryCare.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [LoJackForLaptops] C:\Program Files (x86)\LFLInstall\InstallManager.exe /d60 /dd1 /bd0
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Absolute Notifier] "C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
StartupFolder: C:\Users\Jillian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://games.bigfishgames.com/en_chocolatier/online/ChocolatierWeb.1.0.0.13.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://aolsvc.aol.com/onlinegames/luxor/mjolauncher.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://games.bigfishgames.com/en_chocolatier-2-secret-ingredients/online/Chocolatier2Web.1.0.0.10.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101102215131.dll
BHO-X64: scriptproxy - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray64.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Jillian\AppData\Roaming\Mozilla\Firefox\Profiles\61eiwow8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.ca
FF - prefs.js: keyword.URL - hxxp://serp.freecause.com/?sid=60399&cuid=&userid=43584715&q=
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\Users\Jillian\AppData\Roaming\Mozilla\Firefox\Profiles\61eiwow8.default\extensions\{091dc955-8128-4a3d-bd56-88e400cc28c6}\components\Engine.dll
FF - component: C:\Users\Jillian\AppData\Roaming\Mozilla\Firefox\Profiles\61eiwow8.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: C:\Users\Jillian\AppData\Roaming\Mozilla\Firefox\Profiles\61eiwow8.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Jillian\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: C:\Users\Jillian\AppData\Roaming\Mozilla\Firefox\Profiles\61eiwow8.default\extensions\activegs@freetoolsassociation.com\platform\WINNT_x86-msvc\plugins\npActiveGS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-11-7 69152]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2009-7-9 529128]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-7-9 55856]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-11-12 121936]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2010-8-16 75032]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-8-16 283360]
R2 AbsoluteNotifier;Absolute Notifier;C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2010-10-8 10408]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [2009-7-9 89600]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2008-1-20 27648]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-11-12 20048]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-11-12 61008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-11-12 40384]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-8-16 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-8-16 355440]
R2 McProxy;McAfee Proxy Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [2010-8-16 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-8-16 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-8-16 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-8-16 149032]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-11-8 1153368]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-8-16 62800]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2009-7-9 160704]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-7-9 126464]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-7-9 252928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2009-7-9 190136]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-8-16 441328]
R3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;C:\Windows\System32\drivers\OA008Ufd.sys [2009-3-6 159840]
R3 OA008Vid;Creative Camera OA008 Function Driver;C:\Windows\System32\drivers\OA008Vid.sys [2009-5-6 313696]
S2 0216711289552428mcinstcleanup;McAfee Application Installer Cleanup (0216711289552428);C:\Windows\TEMP\021671~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\021671~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-24 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-9-23 1375992]
S3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-11-12 40384]
S3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-11-12 40384]
S3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-9-23 17440]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mfebopk;McAfee Inc. mfebopk;C:\Windows\System32\drivers\mfebopk.sys [2009-7-9 41032]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-8-16 94864]
S3 mferkdk;McAfee Inc. mferkdk;C:\Windows\System32\drivers\mferkdk.sys [2009-7-9 40904]
S3 mfesmfk;McAfee Inc. mfesmfk;C:\Windows\System32\drivers\mfesmfk.sys [2009-7-9 49480]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 qcusbser;ACER Android USB Device for Legacy Serial Communication;C:\Windows\System32\drivers\qcusbser.sys [2009-8-14 120960]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [2008-7-26 14544]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-11-7 89920]

=============== File Associations ===============

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-11-12 06:09:01 61008 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2010-11-12 06:08:09 38848 ----a-w- C:\Windows\avastSS.scr
2010-11-12 06:03:29 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2010-11-12 06:03:29 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2010-11-10 04:24:30 -------- d-----w- C:\Program Files\Perfect Uninstaller
2010-11-09 05:07:14 388096 ----a-r- C:\Users\Jillian\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-08 06:37:30 -------- d-----w- C:\Users\Jillian\DoctorWeb
2010-11-08 05:33:06 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2010-11-08 00:54:16 -------- d-----w- C:\DivX Movies
2010-11-07 23:57:24 69152 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2010-11-07 23:54:20 -------- dc-h--w- C:\PROGRA~3\{E961CE1B-C3EA-4882-9F67-F859B555D097}
2010-11-07 23:45:36 -------- d-----w- C:\Program Files\Windows Portable Devices
2010-11-07 23:45:36 -------- d-----w- C:\Program Files (x86)\Windows Portable Devices
2010-11-07 23:25:46 167424 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2010-11-07 23:24:26 4096 ----a-w- C:\Windows\SysWow64\oleaccrc.dll
2010-11-07 23:24:25 736256 ----a-w- C:\Windows\System32\UIAutomationCore.dll
2010-11-07 23:24:25 555520 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll
2010-11-07 23:24:25 4096 ----a-w- C:\Windows\System32\oleaccrc.dll
2010-11-07 23:24:25 315904 ----a-w- C:\Windows\System32\oleacc.dll
2010-11-07 23:24:25 234496 ----a-w- C:\Windows\SysWow64\oleacc.dll
2010-11-07 23:24:05 754688 ----a-w- C:\Windows\SysWow64\webservices.dll
2010-11-07 23:24:05 1103872 ----a-w- C:\Windows\System32\webservices.dll
2010-11-07 23:17:00 -------- d-----w- C:\Users\Jillian\{23196ab2-c9c6-44d9-a74d-10d1b2846171}
2010-11-07 16:37:52 92672 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2010-11-07 16:37:52 103424 ----a-w- C:\Windows\System32\UIAnimation.dll
2010-11-07 16:37:51 3815424 ----a-w- C:\Windows\System32\UIRibbon.dll
2010-11-07 16:37:51 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2010-11-07 16:37:51 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2010-11-07 16:37:50 3023360 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2010-11-07 16:14:38 1927680 ----a-w- C:\Windows\System32\gameux.dll
2010-11-07 16:14:38 1696256 ----a-w- C:\Windows\SysWow64\gameux.dll
2010-11-07 16:14:36 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2010-11-07 16:14:36 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2010-11-07 16:14:36 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2010-11-07 16:14:35 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
2010-11-07 16:06:27 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2010-11-07 15:38:51 -------- d-----w- C:\Windows\SysWow64\vi-VN
2010-11-07 15:38:51 -------- d-----w- C:\Windows\SysWow64\eu-ES
2010-11-07 15:38:51 -------- d-----w- C:\Windows\SysWow64\ca-ES
2010-11-07 15:38:51 -------- d-----w- C:\Windows\System32\eu-ES
2010-11-07 15:38:51 -------- d-----w- C:\Windows\System32\ca-ES
2010-11-07 15:38:50 -------- d-----w- C:\Windows\System32\vi-VN
2010-11-07 07:21:33 3584 ----a-w- C:\Windows\System32\drivers\en-US\hdaudbus.sys.mui
2010-11-07 07:21:11 56320 ----a-w- C:\Windows\System32\compcln.exe
2010-11-07 07:21:03 7680 ----a-w- C:\Windows\System32\drivers\en-US\bthport.sys.mui
2010-11-07 07:20:24 946688 ----a-w- C:\Windows\System32\scavenge.dll
2010-11-07 07:17:55 166400 ----a-w- C:\Windows\SysWow64\puiapi.dll
2010-11-07 07:16:58 52224 ----a-w- C:\Windows\System32\cmmon32.exe
2010-11-07 07:15:59 269288 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2010-11-07 07:15:56 1433600 ----a-w- C:\Windows\System32\VSSVC.exe
2010-11-07 07:15:55 372736 ----a-w- C:\Windows\System32\w32time.dll
2010-11-07 07:15:43 67048 ----a-w- C:\Windows\System32\drivers\volmgr.sys
2010-11-07 07:15:43 408024 ----a-w- C:\Windows\System32\drivers\volmgrx.sys
2010-11-07 06:59:41 -------- d-----w- C:\b87506e471afb999cf
2010-11-07 04:56:22 -------- d-----w- C:\Windows\Paradise Beach 2 - Around the World
2010-11-07 04:56:22 -------- d-----w- C:\Program Files (x86)\Paradise Beach 2 - Around the World
2010-11-07 04:55:56 -------- d-----w- C:\Windows\SysWow64\2053
2010-11-03 19:48:40 -------- d-----w- C:\Users\Jillian\AppData\Local\Absolute_Software
2010-11-01 16:53:02 -------- d-----w- C:\Windows\System32\EventProviders
2010-11-01 16:08:05 -------- d-----w- C:\Users\Jillian\AppData\Local\Sunbelt Software
2010-11-01 04:20:31 -------- d-----w- C:\Program Files (x86)\Absolute Software
2010-11-01 04:20:11 29184 ----a-w- C:\Windows\SysWow64\CtLoJack.dll
2010-10-30 20:43:28 78768 ----a-w- C:\Windows\SysWow64\AbtSvcHost_.exe
2010-10-29 02:14:37 -------- d-----w- C:\Program Files (x86)\TuneUpMedia
2010-10-29 02:14:31 -------- d-----w- C:\Users\Jillian\AppData\Roaming\TuneUpMedia
2010-10-29 02:14:18 -------- d-----w- C:\PROGRA~3\TuneUpMedia
2010-10-29 02:14:00 -------- d-----w- C:\Users\Jillian\AppData\Roaming\FrostWire
2010-10-29 02:13:56 -------- d-----w- C:\Users\Jillian\AppData\Local\OpenCandy
2010-10-29 02:13:54 -------- d-----w- C:\Users\Jillian\AppData\Roaming\OpenCandy
2010-10-29 02:13:40 -------- d-----w- C:\Program Files (x86)\FrostWire
2010-10-20 16:12:14 -------- d-----w- C:\Users\Jillian\AppData\Roaming\Mobipocket
2010-10-20 16:03:19 240944 ----a-w- C:\Windows\SysWow64\RICHED.DLL
2010-10-20 16:03:19 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
2010-10-18 17:24:19 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-18 17:24:19 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-18 17:22:52 621568 ----a-w- C:\Windows\System32\usp10.dll
2010-10-18 17:22:52 502272 ----a-w- C:\Windows\SysWow64\usp10.dll
2010-10-18 17:22:29 171008 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2010-10-18 17:22:29 168960 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2010-10-18 17:22:26 8147968 ----a-w- C:\Windows\System32\wmploc.DLL
2010-10-18 17:22:26 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-10-18 17:14:04 867328 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-10-18 17:14:04 1090048 ----a-w- C:\Windows\System32\wmpmde.dll

==================== Find3M ====================

2010-11-12 14:53:02 57752 ----a-w- C:\Windows\SysWow64\rpcnet.dll
2010-11-03 15:51:40 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2010-10-14 02:28:54 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2010-10-14 02:28:54 94864 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2010-10-14 02:28:54 75032 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys
2010-10-14 02:28:54 62800 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2010-10-14 02:28:54 529128 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2010-10-14 02:28:54 441328 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2010-10-14 02:28:54 283360 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2010-10-14 02:28:54 190136 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2010-10-14 02:28:54 121248 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2010-09-15 08:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-08 06:41:05 1147904 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 06:36:53 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 06:36:38 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-09-08 06:36:24 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2010-09-08 06:36:23 77312 ----a-w- C:\Windows\System32\iesetup.dll
2010-09-08 06:01:28 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 05:57:18 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 05:57:05 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-09-08 05:56:53 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2010-09-08 05:56:53 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2010-09-08 05:36:07 479232 ----a-w- C:\Windows\System32\html.iec
2010-09-08 05:04:36 385024 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 04:51:18 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2010-09-08 04:49:56 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 04:26:46 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2010-09-08 04:25:15 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-06 18:28:38 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2010-09-06 18:28:38 12288 ----a-w- C:\Windows\System32\sscore.dll
2010-09-06 18:27:03 17920 ----a-w- C:\Windows\System32\netevent.dll
2010-09-06 16:20:29 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-09-06 16:19:06 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2010-09-06 15:34:14 451584 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-09-06 15:33:51 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-09-06 15:33:49 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-08-31 17:27:07 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-31 15:46:37 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 15:46:37 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-31 15:44:31 531968 ----a-w- C:\Windows\SysWow64\comctl32.dll
2010-08-31 14:57:39 2753024 ----a-w- C:\Windows\System32\win32k.sys
2010-08-26 17:46:52 189952 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 17:40:08 100352 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2010-08-26 17:40:07 331776 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-08-26 17:40:07 284672 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2010-08-26 16:37:45 157184 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-26 16:33:06 173056 ----a-w- C:\Windows\apppatch\AcXtrnal.dll
2010-08-26 16:33:04 542720 ----a-w- C:\Windows\apppatch\AcLayers.dll
2010-08-26 16:33:04 458752 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2010-08-26 16:33:04 2159616 ----a-w- C:\Windows\apppatch\AcGenral.dll
2010-08-26 00:45:04 161304 ----a-w- C:\Windows\System32\igfxtray.exe
2010-08-26 00:45:00 508952 ----a-w- C:\Windows\System32\igfxsrvc.exe
2010-08-26 00:45:00 415256 ----a-w- C:\Windows\System32\igfxpers.exe
2010-08-26 00:44:56 223768 ----a-w- C:\Windows\System32\igfxext.exe
2010-08-26 00:44:54 386584 ----a-w- C:\Windows\System32\hkcmd.exe
2010-08-26 00:44:52 3156504 ----a-w- C:\Windows\System32\GfxUI.exe
2010-08-26 00:44:48 152600 ----a-w- C:\Windows\System32\difx64.exe
2010-08-26 00:40:48 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2202.dll
2010-08-26 00:36:04 10611552 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2010-08-26 00:36:02 6547968 ----a-w- C:\Windows\System32\igdumd64.dll
2010-08-26 00:31:30 4967424 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2010-08-26 00:28:22 571904 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
2010-08-26 00:26:32 4720128 ----a-w- C:\Windows\System32\igd10umd64.dll
2010-08-26 00:23:14 4411904 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2010-08-26 00:17:38 15032832 ----a-w- C:\Windows\System32\ig4icd64.dll
2010-08-26 00:09:34 11040256 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2010-08-26 00:04:48 380416 ----a-w- C:\Windows\System32\igfxTMM.dll
2010-08-26 00:04:48 243200 ----a-w- C:\Windows\System32\igfxpph.dll
2010-08-26 00:04:40 27648 ----a-w- C:\Windows\System32\igfxexps.dll
2010-08-26 00:04:28 61952 ----a-w- C:\Windows\System32\igfxsrvc.dll
2010-08-26 00:04:00 108032 ----a-w- C:\Windows\System32\hccutils.dll
2010-08-26 00:03:50 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2010-08-26 00:03:50 271360 ----a-w- C:\Windows\System32\igfxdev.dll
2010-08-26 00:03:50 119808 ----a-w- C:\Windows\System32\gfxSrvc.dll
2010-08-26 00:03:24 87552 ----a-w- C:\Windows\System32\igfxrenu.lrc
2010-08-26 00:03:18 830464 ----a-w- C:\Windows\System32\igfxress.dll
2010-08-26 00:03:18 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2010-08-26 00:00:00 23552 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2010-08-25 23:59:06 228864 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2010-08-17 14:54:20 273920 ----a-w- C:\Windows\System32\spoolsv.exe

============= FINISH: 10:50:11.65 ===============


Attach:


==== Installed Programs ======================


Absolute Notifier
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.4.0
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Audio FX Engine
Akamai NetSession Interface
Apple Application Support
Apple Software Update
Ask Toolbar
µTorrent
avast! Free Antivirus
BatteryCare
BufferChm
CCleaner
CDisplay 1.8
Compatibility Pack for the 2007 Office system
Copy
CopyPod (remove only)
CopyTrans Suite Remove Only
CustomerResearchQFolder
DAEMON Tools Toolbar
DC++ 0.761
Dell Getting Started Guide
Dell Video Chat
Dell Webcam Central
Desktop Calendar 0.43b
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
EA Download Manager
EA Download Manager UI
eSupportQFolder
F4200
F4200_Help
Facebook Plug-In
FrostWire 4.21.1
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
GPBaseService
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart Essential 2.5
HP Update
HPProductAssistant
HPSSupply
ImTOO iPod Computer Transfer
iTunes
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
Live! Cam Avatar Creator
Magic ISO Maker v5.5 (build 0281)
Malwarebytes' Anti-Malware
MarketResearch
McAfee Security Scan Plus
McAfee SecurityCenter
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft WSE 3.0 Runtime
Mobipocket Reader 6.2
Mozilla Firefox (3.6.12)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Security Scan
NVIDIA PhysX
OpenOffice.org 3.1
Pando Media Booster
PDF Settings
PowerDVD DX
Prankhouse
Project64 1.6
PSSWCORE
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Scan
SD Formatter
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB982124)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype Toolbars
Skype™ 4.2
SmartWebPrintingOC
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Status
Sympatico / MSN Toolbar
The Sims™ 3
Theme Park World Fix
Toolbox
TrayApp
TS3 Install Helper Monkey
TuneUp Companion 1.9.0
UnloadSupport
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2443839)
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.3
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
WinRAR archiver

==== End Of File ===========================
 
Oh, I didn't actually give any details on the issues I am currently having with my computer; there are many...

-can't save any Word, PowerPoint, Excel documents etc. (also have OpenOffice on my computer and those programs won't save anything either)
-can't install many things, and if they do install it will not create any shortcuts for either my desktop or my start panel
-many programs I try to open (Dell Webcam, Skype) just bring up a screen that says 'X' has stopped working, Windows is checking for a solution to the problem
-Ad-Aware is stuck at the loading screen
-I'm sure there are more issues but that's a start
 
Welcome aboard


Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/


  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
  • Close SUPERAntiSpyware.
Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

  • Open SUPERAntiSpyware.
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Post SUPERAntiSpyware log.

===================================================================

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.
 
can't install SUPERAntiSpyware because it couldn't create shortcuts

all it says is "error creating shortcuts, aborting installation." then it closes

MBR Check:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: Dell Inc.
BIOS Manufacturer: Dell Inc.
System Manufacturer: Dell Inc.
System Product Name: Studio 1555
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 159):
0x02407000 \SystemRoot\system32\ntoskrnl.exe
0x0291E000 \SystemRoot\system32\hal.dll
0x00609000 \SystemRoot\system32\kdcom.dll
0x00613000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x0064E000 \SystemRoot\system32\PSHED.dll
0x00662000 \SystemRoot\system32\CLFS.SYS
0x006BF000 \SystemRoot\system32\CI.dll
0x0080D000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008E7000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00A00000 \SystemRoot\System32\Drivers\spmr.sys
0x00B26000 \SystemRoot\System32\Drivers\WMILIB.SYS
0x00B2F000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
0x00B5D000 \SystemRoot\system32\drivers\acpi.sys
0x00BB3000 \SystemRoot\system32\drivers\msisadrv.sys
0x00BBD000 \SystemRoot\system32\drivers\pci.sys
0x008F5000 \SystemRoot\System32\drivers\partmgr.sys
0x00BED000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00BF1000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x0090A000 \SystemRoot\system32\drivers\volmgr.sys
0x0091E000 \SystemRoot\System32\drivers\volmgrx.sys
0x00984000 \SystemRoot\System32\drivers\mountmgr.sys
0x00997000 \SystemRoot\system32\drivers\atapi.sys
0x0099F000 \SystemRoot\system32\drivers\ataport.SYS
0x009C3000 \SystemRoot\system32\drivers\msahci.sys
0x009CD000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00771000 \SystemRoot\system32\drivers\fltmgr.sys
0x009DD000 \SystemRoot\system32\drivers\fileinfo.sys
0x00C03000 \SystemRoot\system32\drivers\mfehidk.sys
0x00C82000 \SystemRoot\system32\DRIVERS\Lbd.sys
0x00C97000 \SystemRoot\System32\Drivers\PxHlpa64.sys
0x00CA4000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00E06000 \SystemRoot\system32\drivers\ndis.sys
0x00D2B000 \SystemRoot\system32\drivers\msrpc.sys
0x00D7B000 \SystemRoot\system32\drivers\NETIO.SYS
0x01007000 \SystemRoot\System32\drivers\tcpip.sys
0x0117D000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0120D000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0138D000 \SystemRoot\system32\drivers\volsnap.sys
0x013D1000 \SystemRoot\System32\Drivers\spldr.sys
0x013D9000 \SystemRoot\System32\Drivers\mup.sys
0x011A9000 \SystemRoot\System32\drivers\ecache.sys
0x013EB000 \SystemRoot\system32\drivers\disk.sys
0x00FC9000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01200000 \SystemRoot\system32\drivers\crcdisk.sys
0x00DD4000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x00FF5000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x02401000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x02E20000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x02F03000 \SystemRoot\System32\drivers\watchdog.sys
0x02F13000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x02F1F000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x02F65000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x03005000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x03202000 \SystemRoot\system32\DRIVERS\bcmwl664.sys
0x0337A000 \SystemRoot\system32\DRIVERS\k57nd60a.sys
0x033BD000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x033CF000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x033DF000 \SystemRoot\system32\DRIVERS\sdbus.sys
0x030F2000 \SystemRoot\system32\DRIVERS\rimmpx64.sys
0x03107000 \SystemRoot\system32\DRIVERS\rimspx64.sys
0x0311E000 \SystemRoot\system32\DRIVERS\rixdpx64.sys
0x03175000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x0318B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03199000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x03200000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x031DF000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x02F76000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02F92000 \SystemRoot\System32\Drivers\aoaamzuz.SYS
0x031EB000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x02FD7000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x03000000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x007B8000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x03409000 \SystemRoot\system32\DRIVERS\storport.sys
0x03466000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03473000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x03496000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x034A2000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x034D3000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x034E3000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x03501000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x03519000 \SystemRoot\system32\DRIVERS\termdd.sys
0x0352C000 \SystemRoot\system32\DRIVERS\swenum.sys
0x0352E000 \SystemRoot\system32\DRIVERS\ks.sys
0x03562000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x0356D000 \SystemRoot\system32\DRIVERS\umbus.sys
0x0357D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x035C5000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x0400A000 \SystemRoot\system32\DRIVERS\stwrt64.sys
0x04083000 \SystemRoot\system32\DRIVERS\portcls.sys
0x040BE000 \SystemRoot\system32\DRIVERS\drmk.sys
0x040E1000 \SystemRoot\system32\drivers\ksthunk.sys
0x040E7000 \SystemRoot\system32\drivers\IntcHdmi.sys
0x0410B000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x04115000 \SystemRoot\System32\Drivers\Null.SYS
0x0411E000 \SystemRoot\System32\drivers\vga.sys
0x0412C000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x04151000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0416D000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x04176000 \SystemRoot\system32\drivers\rdpencdd.sys
0x0417F000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0418A000 \SystemRoot\System32\Drivers\Npfs.SYS
0x0419B000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x041A4000 \SystemRoot\system32\drivers\mfewfpk.sys
0x035D9000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0420F000 \SystemRoot\system32\DRIVERS\OA008Vid.sys
0x0425C000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x0426C000 \SystemRoot\system32\DRIVERS\OA008Ufd.sys
0x04294000 \SystemRoot\system32\DRIVERS\smb.sys
0x042AF000 \SystemRoot\system32\DRIVERS\CtClsFlt.sys
0x042D7000 \SystemRoot\System32\DRIVERS\netbt.sys
0x0431B000 \SystemRoot\system32\drivers\afd.sys
0x04386000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x04390000 \SystemRoot\system32\DRIVERS\pacer.sys
0x043AE000 \SystemRoot\system32\DRIVERS\mfenlfk.sys
0x043BF000 \SystemRoot\system32\DRIVERS\netbios.sys
0x043CE000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x0460F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x0465C000 \SystemRoot\system32\drivers\nsiproxy.sys
0x04668000 \SystemRoot\System32\Drivers\dfsc.sys
0x04685000 \SystemRoot\System32\Drivers\aswSP.SYS
0x046A8000 \SystemRoot\system32\drivers\mfeavfk.sys
0x046D5000 \SystemRoot\system32\drivers\mfefirek.sys
0x0473F000 \SystemRoot\System32\Drivers\crashdmp.sys
0x0474D000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x04759000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x000E0000 \SystemRoot\System32\win32k.sys
0x04763000 \SystemRoot\System32\drivers\Dxapi.sys
0x004B0000 \SystemRoot\System32\TSDDD.dll
0x006D0000 \SystemRoot\System32\cdd.dll
0x00820000 \SystemRoot\System32\ATMFD.DLL
0x04782000 \SystemRoot\system32\drivers\luafv.sys
0x047A4000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x047DE000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x15A0A000 \SystemRoot\system32\drivers\spsys.sys
0x15AA4000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x15AB8000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x15AEC000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x15AF7000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x15B0F000 \SystemRoot\system32\drivers\HTTP.sys
0x15BB2000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x15BDB000 \SystemRoot\system32\DRIVERS\bowser.sys
0x02FE0000 \SystemRoot\System32\drivers\mpsdrv.sys
0x011D5000 \SystemRoot\system32\drivers\mrxdav.sys
0x1620A000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x16233000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x1627C000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x1629B000 \SystemRoot\System32\DRIVERS\srv2.sys
0x162CD000 \SystemRoot\System32\DRIVERS\srv.sys
0x17005000 \SystemRoot\system32\drivers\peauth.sys
0x170BB000 \SystemRoot\System32\Drivers\fastfat.SYS
0x170F0000 \SystemRoot\System32\Drivers\secdrv.SYS
0x170FB000 \SystemRoot\System32\drivers\tcpipreg.sys
0x17138000 \SystemRoot\system32\drivers\BCM42RLY.sys
0x1715D000 \SystemRoot\system32\drivers\cfwids.sys
0x1716B000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x171B6000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x1710B000 \SystemRoot\system32\DRIVERS\monitor.sys
0x17141000 \SystemRoot\system32\drivers\mfeapfk.sys
0x76F90000 \Windows\System32\ntdll.dll

Processes (total 84):
0 System Idle Process
4 System
596 C:\Windows\System32\smss.exe
672 csrss.exe
708 C:\Windows\System32\wininit.exe
728 csrss.exe
764 C:\Windows\System32\services.exe
784 C:\Windows\System32\lsass.exe
792 C:\Windows\System32\lsm.exe
860 C:\Windows\System32\winlogon.exe
976 C:\Windows\System32\svchost.exe
340 C:\Windows\System32\svchost.exe
680 C:\Windows\System32\svchost.exe
756 C:\Windows\System32\svchost.exe
224 C:\Windows\System32\svchost.exe
1028 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\stacsv64.exe
1104 C:\Windows\System32\audiodg.exe
1132 C:\Windows\System32\svchost.exe
1156 C:\Windows\System32\SLsvc.exe
1180 C:\Windows\System32\svchost.exe
1292 C:\Program Files\Dell\DellDock\DockLogin.exe
1416 C:\Windows\System32\svchost.exe
1604 C:\Windows\System32\WLTRYSVC.EXE
1616 C:\Windows\System32\BCMWLTRY.EXE
1624 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
2040 C:\Windows\System32\dwm.exe
1368 C:\Windows\explorer.exe
652 C:\Windows\System32\spoolsv.exe
2000 C:\Windows\System32\taskeng.exe
1216 C:\Windows\System32\svchost.exe
2124 C:\Windows\System32\taskeng.exe
2136 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2504 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
2536 C:\Windows\System32\WLTRAY.EXE
2552 C:\Program Files\Dell\QuickSet\quickset.exe
2560 C:\Program Files\IDT\WDM\sttray64.exe
2576 C:\Windows\System32\hkcmd.exe
2584 C:\Windows\System32\igfxpers.exe
2600 C:\Program Files (x86)\Desktop Calendar\Desktop Calendar.exe
2608 C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
2656 C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
2812 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
2824 C:\Windows\SysWOW64\svchost.exe
2860 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2872 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
2916 C:\Windows\SysWOW64\svchost.exe
2964 C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
3056 C:\Windows\System32\svchost.exe
3068 C:\Windows\SysWOW64\rpcnet.exe
2572 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
1704 C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe
2016 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
2836 C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
2852 C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
916 C:\Program Files\McAfee.com\Agent\mcagent.exe
1284 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2248 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
716 C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe
528 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2444 C:\Windows\System32\igfxsrvc.exe
2704 C:\Windows\System32\svchost.exe
3148 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
3216 C:\Program Files\Dell\DellDock\DellDock.exe
3236 C:\Windows\System32\svchost.exe
3356 C:\Windows\System32\SearchIndexer.exe
3484 C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
3588 C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
3664 C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
3748 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
2348 WmiPrvSE.exe
4332 C:\Windows\SysWOW64\conime.exe
4128 C:\Windows\System32\wbem\unsecapp.exe
2084 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
568 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5300 C:\Windows\splwow64.exe
5072 C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
5788 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
5312 C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe
4120 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
4956 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
5196 C:\Program Files (x86)\Skype\Phone\Skype.exe
3956 C:\Windows\System32\SearchProtocolHost.exe
5356 C:\Windows\System32\SearchFilterHost.exe
1300 C:\Users\Jillian\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`abf38a00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000000`02738a00 (NTFS)

PhysicalDrive0 Model Number: WDCWD2500BEVT-75ZCT2, Rev: 11.01A11

Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Dell Inspiron MBR code detected
SHA1: AE3E0A945D44C8EA304A19A8F50F69065C34344B


Done!
 
I'm not sure if we're dealing with any infection here, but let's take another look...

Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Well, when the issue first started occurring I did a Malwarebytes scan and it found 6 things, I'll post that log. And OTL won't open, it says OTL has stopped working. And it does a little scan to find out why it's not working and it says

"Files that help describe the problem:
C:\Users\Jillian\AppData\Local\Temp\WER4CB5.tmp.version.txt
C:\Users\Jillian\AppData\Local\Temp\WER5F2D.tmp.appcompat.txt
C:\Users\Jillian\AppData\Local\Temp\WER6FD0.tmp.mdmp"

so I don't know if maybe I got rid of the virus, and something else is just corrupt within my computer. Is it possible I will have to go to a store or something to get it fixed?


OK, and just went to go search for the Malwarebytes log, and obviously it didn't save it, 'cause nothing is saving on my computer currently -__- Thanks so much for your time even if it doesn't end up being a virus, probably just have to end up reformatting or something. Let me know though if you can think of anything else I could do to check if it's a virus?
 
Let's see if we can look at your computer booting from an external source.

Please download OTLPE (filesize 120,9 MB)

  • When downloaded double click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.
  • Reboot your system using the boot CD you just created.
    • Note : If you do not know how to set your computer to boot from CD follow the steps here
  • Your system should now display a REATOGO-X-PE desktop.
  • Depending on your type of internet connection, you should be able to get online as well so you can access this topic more easily.
  • Double-click on the OTLPE icon.
  • When asked Do you wish to load the remote registry, select Yes
  • When asked Do you wish to load remote user profile(s) for scanning, select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the OTL.txt file in your reply.
 
OK, I found a CD and installed the reatogo thing onto it, and when I restarted my computer and went into setup it doesn't recognize that there is even a CD in my drive. Am I doing something wrong? Or is there seriously something wrong with my computer?
 
Please read the "Note" in my previous reply.
You may need to set your computer to boot from the CD.
 
Yeah I went into the boot menu and all.

But it's OK, called Dell and apparently my hard drive is corrupt or something so getting that replaced in a couple of days

Thank you for all of your help :)
 