Jump to content

Bobc11

Honorary Members
  • Posts

    813
  • Joined

  • Last visited

Reputation

0 Neutral

About Bobc11

  • Birthday 10/08/1991

Profile Information

  • Location
    Remote Host Closed Socket
  • Interests
    Computers plants
  1. Does anyone have a reccomendation for this? I know about mibbit but Im not too happy with it. Thanks, Bobc11
  2. Only happens on 1 mouse. I prefer to use this mouse though. Is it possibly a driver issue?
  3. Windows 7 64bit SP1 Hey everyone, I reinstalled this PC to a 64 bit edition of windows, now when I do a single click, the program will act as if I did a double click. Why might this be happening? I checked the folder options setting and it is set to double click. Any ideas?
  4. Thanks for your help. By the way, your dogs are really cute! :)

  5. Thanks MrC. I think I might have a bad driver or something for this. Thanks for your help.
  6. It appears to be running ok... however the mouse still freezes every couple of seconds and then unfreezes after 1 second. Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.04.04 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 angelo :: SHERRY-DELL [administrator] 6/4/2012 11:15:05 AM mbam-log-2012-06-04 (11-15-05).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 190845 Time elapsed: 3 minute(s), 12 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  7. ComboFix 12-06-03.01 - angelo 06/03/2012 11:18:57.2.2 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2046.1404 [GMT -4:00] Running from: c:\users\angelo\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Spybot - Search and Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-05-03 to 2012-06-03 ))))))))))))))))))))))))))))))) . . 2012-06-03 15:23 . 2012-06-03 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-03 13:37 . 2012-06-03 13:37 -------- d-----w- C:\_OTL 2012-06-03 03:06 . 2012-06-03 03:06 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{196EF7A5-B355-4D27-861C-2C0C3B4919FC}\offreg.dll 2012-06-03 01:43 . 2012-06-03 01:43 -------- d-----w- c:\users\angelo\AppData\Local\Diagnostics 2012-06-02 23:48 . 2012-05-15 05:43 6737808 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{196EF7A5-B355-4D27-861C-2C0C3B4919FC}\mpengine.dll 2012-06-01 20:31 . 2011-06-21 04:09 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-06-01 19:31 . 2012-06-01 19:31 -------- d-----w- c:\program files\TeamViewer 2012-06-01 01:34 . 2012-06-01 01:34 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-06-01 01:34 . 2012-06-01 01:34 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe 2012-06-01 01:34 . 2012-06-01 01:34 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe 2012-06-01 01:30 . 2012-06-01 01:30 12872 ----a-w- c:\windows\system32\bootdelete.exe 2012-06-01 01:28 . 2012-06-01 01:30 -------- d-----w- c:\programdata\HitmanPro 2012-05-31 20:45 . 2012-05-15 05:43 6737808 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-05-22 01:09 . 2012-05-22 01:09 -------- d-----w- c:\windows\system32\SPReview 2012-05-22 01:08 . 2012-05-22 01:08 -------- d-----w- c:\windows\system32\EventProviders 2012-05-22 01:05 . 2012-05-22 01:05 -------- d-----w- c:\programdata\NVIDIA 2012-05-22 01:03 . 2012-05-22 01:03 -------- d-----w- c:\program files\Common Files\Java 2012-05-22 01:02 . 2012-05-22 01:02 -------- d-----w- c:\program files\Oracle 2012-05-22 01:01 . 2012-04-04 22:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-22 00:53 . 2012-05-22 00:53 -------- d-----w- C:\NVIDIA 2012-05-21 22:05 . 2007-03-22 02:02 37376 ----a-w- c:\windows\system32\drivers\rixdptsk.sys 2012-05-21 22:05 . 2007-02-24 18:42 39936 ----a-w- c:\windows\system32\drivers\rimmptsk.sys 2012-05-21 22:05 . 2007-01-23 20:40 42496 ----a-w- c:\windows\system32\drivers\rimsptsk.sys 2012-05-21 22:05 . 2004-09-04 07:00 90112 ----a-w- c:\windows\system32\snymsico.dll 2012-05-21 22:04 . 2012-05-21 22:04 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll 2012-05-21 22:04 . 2012-05-21 22:04 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll 2012-05-21 22:04 . 2002-12-05 18:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll 2012-05-21 22:04 . 2002-12-05 18:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll 2012-05-21 22:04 . 2002-12-02 19:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe 2012-05-21 22:04 . 2002-12-02 17:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll 2012-05-21 22:04 . 2002-12-02 17:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll 2012-05-21 21:30 . 2012-05-27 01:29 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-05-21 21:29 . 2009-01-25 17:14 15224 ----a-w- c:\windows\system32\sdnclean.exe 2012-05-21 21:29 . 2012-05-21 21:32 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2012-05-18 01:43 . 2012-05-18 01:43 -------- d-----w- c:\users\angelo\AppData\Roaming\Malwarebytes 2012-05-18 01:43 . 2012-05-18 01:43 -------- d-----w- c:\programdata\Malwarebytes 2012-05-18 01:43 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-18 01:43 . 2012-05-18 01:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-18 01:35 . 2012-05-18 01:35 -------- d-----w- c:\program files\CCleaner 2012-05-18 01:30 . 2012-03-30 10:29 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-18 01:30 . 2012-04-02 04:41 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-18 01:30 . 2012-04-02 04:40 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-18 01:30 . 2012-04-02 04:40 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-18 01:30 . 2012-04-02 04:40 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-18 01:30 . 2012-04-02 04:46 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-18 01:30 . 2012-04-02 02:43 2342400 ----a-w- c:\windows\system32\win32k.sys 2012-05-18 01:30 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-18 01:30 . 2012-03-17 07:20 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-18 01:29 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-05-18 01:29 . 2012-03-03 05:40 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-05-18 01:29 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\system32\DWrite.dll 2012-05-18 01:29 . 2012-03-03 05:40 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-05-18 01:29 . 2012-03-03 05:40 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2012-05-16 10:25 . 2012-02-09 17:17 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9DEF83DB-94BE-4BCA-A372-466A9B0616EA}\gapaengine.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-04 22:47 . 2010-07-10 23:18 687504 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-21 00:44 . 2010-10-25 01:25 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-21 00:44 . 2010-03-26 01:30 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2011-04-25 05:58 . 2011-04-25 05:58 124864 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll 2011-04-25 06:48 . 2011-04-25 06:48 13760 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll 2011-04-25 06:00 . 2011-04-25 06:00 71104 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll 2011-04-25 05:59 . 2011-04-25 05:59 92096 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll 2011-04-25 05:58 . 2011-04-25 05:58 22976 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll 2011-04-25 05:57 . 2011-04-25 05:57 255936 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll 2011-04-25 05:58 . 2011-04-25 05:58 32192 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll 2011-04-25 05:58 . 2011-04-25 05:58 40896 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll 2011-04-25 05:51 . 2011-04-25 05:51 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll 2011-04-25 06:00 . 2011-04-25 06:00 24512 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll 2012-06-01 01:34 . 2012-02-22 01:17 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-05-10 2959336] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-06-14 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-14 8433664] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-14 81920] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-06-14 67584] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-13 405504] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-04-25 305088] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-05-10 3349488] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-01 129976] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 74112] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-09 1343400] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2011-04-25 65584] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-09-20 73728] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-05-10 1122296] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-05-10 838136] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-03-22 166528] S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] . . Contents of the 'Scheduled Tasks' folder . 2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3865153123-2725526692-2838595902-1001Core.job - c:\users\angelo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-24 17:15] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3865153123-2725526692-2838595902-1001UA.job - c:\users\angelo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-24 17:15] . . ------- Supplementary Scan ------- . uStart Page = IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\angelo\AppData\Roaming\Mozilla\Firefox\Profiles\xtao028n.default\ . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(2456) c:\windows\system32\fxsst.dll . Completion time: 2012-06-03 11:25:09 ComboFix-quarantined-files.txt 2012-06-03 15:25 ComboFix2.txt 2012-05-29 23:05 . Pre-Run: 223,263,088,640 bytes free Post-Run: 223,213,424,640 bytes free . - - End Of File - - 53955455AB66B1515620C07507DC9AE0
  8. All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef80d754-fb77-4a7f-be75-489beebb20c9}\ not found. HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-3865153123-2725526692-2838595902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B9B00739-F5FD-4019-8EBA-2429AD2AE369}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9B00739-F5FD-4019-8EBA-2429AD2AE369}\ not found. Registry key HKEY_USERS\S-1-5-21-3865153123-2725526692-2838595902-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef80d754-fb77-4a7f-be75-489beebb20c9}\ not found. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: angelo ->Java cache emptied: 1752249 bytes User: Default User: Default User User: Public Total Java Files Cleaned = 2.00 mb [EMPTYTEMP] User: All Users User: angelo ->Temp folder emptied: 77578233 bytes ->Temporary Internet Files folder emptied: 4494181 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 54481206 bytes ->Google Chrome cache emptied: 11103319 bytes ->Flash cache emptied: 963 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 56504 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 571778 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 17966930 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 159.00 mb OTL by OldTimer - Version 3.2.45.0 log created on 06032012_093710 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  9. RogueKiller V7.5.2 [05/30/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 32 bits version Started in : Normal mode User: angelo [Admin rights] Mode: Scan -- Date: 06/02/2012 21:33:03 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 3 ¤¤¤ [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD2500BEKT-00F3T0 ATA Device +++++ --- User --- [MBR] b7ee7d0642669375442eea279e6539cf [bSP] 68bc32e9635031b6d3d1859dd4dd30c5 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 238372 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt OTL logfile created on: 6/2/2012 9:44:44 PM - Run 1 OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\angelo\Downloads Professional (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 62.39% Memory free 4.00 Gb Paging File | 3.03 Gb Available in Paging File | 75.74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232.79 Gb Total Space | 207.87 Gb Free Space | 89.30% Space Free | Partition Type: NTFS Computer Name: SHERRY-DELL | User Name: angelo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/06/02 21:39:26 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\angelo\Downloads\OTL(1).exe PRC - [2012/05/31 21:34:09 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012/05/10 16:29:50 | 003,349,488 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe PRC - [2012/05/10 16:29:02 | 000,838,136 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2012/05/10 16:28:58 | 001,122,296 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2012/03/26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe PRC - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe PRC - [2012/03/22 10:55:02 | 000,166,528 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2012/03/19 07:38:48 | 002,279,296 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe PRC - [2012/03/19 07:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe PRC - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012/03/19 07:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe PRC - [2011/07/16 00:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011/04/25 02:24:16 | 000,726,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe PRC - [2011/04/25 02:22:40 | 000,305,088 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe PRC - [2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2007/09/20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe PRC - [2007/09/13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe PRC - [2007/09/13 14:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe PRC - [2007/07/02 13:29:22 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2007/06/06 16:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2007/05/22 14:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe ========== Modules (No Company Name) ========== MOD - [2012/05/31 21:34:09 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012/05/10 16:28:12 | 000,046,592 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2012/05/10 16:28:10 | 000,517,632 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl MOD - [2012/05/10 16:28:10 | 000,410,112 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService) SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService) SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService) SRV - [2012/05/31 21:34:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/03/26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2010/07/09 19:21:53 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess) SRV - [2009/07/13 21:15:38 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/10 17:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing) SRV - [2007/09/20 14:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters) SRV - [2007/09/13 14:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\angelo\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2012/03/20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2011/04/25 01:49:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm) DRV - [2009/07/13 21:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk) DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009/07/13 19:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2009/07/13 19:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2007/09/13 14:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007/06/25 18:53:10 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007/06/14 16:25:00 | 007,110,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm007CQus&ptnrS=RGxdm007CQus&ptb=ECE14587-7489-4C38-B2F8-8CB9AD5BCD2D&ind=2012030705&n=77ed26f1&psa=&st=sb&searchfor={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=RGxdm007CQus&ptb=ECE14587-7489-4C38-B2F8-8CB9AD5BCD2D IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0F DF 76 89 94 F5 CC 01 [binary data] IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\..\SearchScopes\{B9B00739-F5FD-4019-8EBA-2429AD2AE369}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PGL&o=102946&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=6J&apn_dtid=YYYYYYYYUS&apn_uid=e099235d-55f5-44f5-9958-8126f6a9c4d4&apn_sauid=856288CC-A644-456F-948B-CE00F3F3540E IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\..\SearchScopes\{ef80d754-fb77-4a7f-be75-489beebb20c9}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=RGxdm007CQus&ptnrS=RGxdm007CQus&ptb=ECE14587-7489-4C38-B2F8-8CB9AD5BCD2D&ind=2012030705&n=77ed26f1&psa=&st=sb&searchfor={searchTerms} IE - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\angelo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\angelo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/31 21:34:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/16 00:40:24 | 000,000,000 | ---D | M] [2010/07/10 18:45:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\angelo\AppData\Roaming\mozilla\Extensions [2012/05/21 17:19:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\angelo\AppData\Roaming\mozilla\Firefox\Profiles\xtao028n.default\extensions [2012/02/16 06:42:03 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\angelo\AppData\Roaming\mozilla\Firefox\Profiles\xtao028n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012/01/03 17:27:44 | 000,002,333 | ---- | M] () -- C:\Users\angelo\AppData\Roaming\Mozilla\Firefox\Profiles\xtao028n.default\searchplugins\askcom.xml [2012/05/31 21:35:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/05/31 21:34:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/04/25 01:58:10 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll [2011/04/25 02:00:08 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll [2011/04/25 01:59:06 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll [2011/04/25 01:58:38 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2010/07/10 19:18:08 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/04/25 02:49:00 | 000,485,288 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll [2011/04/25 02:00:04 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2012/05/31 21:34:06 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/05/31 21:34:06 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Ask (Enabled) CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?client=cr&src=kw&tb=PGL&o=102946&locale=en_US&apn_uid=e099235d-55f5-44f5-9958-8126f6a9c4d4&apn_ptnrs=6J&apn_sauid=856288CC-A644-456F-948B-CE00F3F3540E&apn_dtid=YYYYYYYYUS&q={searchTerms} CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\angelo\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\angelo\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\angelo\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\angelo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: RivalGaming Addon (Enabled) = C:\Users\angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\npRivalGamingGC.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Google Update (Enabled) = C:\Users\angelo\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: RivalGaming = C:\Users\angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\adhmhclafdhfabmmglbcngpddpdeijgd\ CHR - Extension: YouTube = C:\Users\angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Gmail = C:\Users\angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012/05/29 19:03:14 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation) O4 - HKLM..\Run: [sDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.) O4 - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001..\Run: [spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3865153123-2725526692-2838595902-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06675B40-6114-4299-BAA8-07663045CB45}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE8E32F5-877D-4A07-BC31-299D0EE1A13E}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/06/02 21:43:44 | 000,000,000 | ---D | C] -- C:\Users\angelo\AppData\Local\Diagnostics [2012/06/02 21:31:44 | 000,000,000 | ---D | C] -- C:\Users\angelo\Desktop\RK_Quarantine [2012/06/01 16:31:15 | 000,200,976 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys [2012/06/01 15:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2012/05/31 21:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012/05/31 21:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/05/31 21:30:59 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe [2012/05/31 21:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012/05/30 16:56:56 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\angelo\Desktop\dds.scr [2012/05/29 19:05:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/05/29 19:05:30 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/05/29 18:49:30 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/05/21 21:09:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2012/05/21 21:08:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2012/05/21 21:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012/05/21 21:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/05/21 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012/05/21 20:53:54 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012/05/21 18:05:08 | 000,042,496 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys [2012/05/21 18:05:08 | 000,039,936 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys [2012/05/21 18:05:08 | 000,037,376 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys [2012/05/21 17:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012/05/21 17:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2012/05/21 17:29:23 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe [2012/05/21 17:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2 [2012/05/21 17:09:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2012/05/17 21:43:35 | 000,000,000 | ---D | C] -- C:\Users\angelo\AppData\Roaming\Malwarebytes [2012/05/17 21:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/05/17 21:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/05/17 21:43:24 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012/05/17 21:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012/05/17 21:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012/05/10 06:50:18 | 000,000,000 | ---D | C] -- C:\Config.Msi ========== Files - Modified Within 30 Days ========== [2012/06/02 21:38:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865153123-2725526692-2838595902-1001UA.job [2012/06/02 19:44:56 | 000,014,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/06/02 19:44:56 | 000,014,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/06/02 19:43:28 | 000,626,278 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/06/02 19:43:28 | 000,107,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/06/02 19:37:54 | 000,027,430 | ---- | M] () -- C:\Users\angelo\AppData\Roaming\nvModes.001 [2012/06/02 19:37:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/06/02 19:37:26 | 1609,072,640 | -HS- | M] () -- C:\hiberfil.sys [2012/06/01 16:30:58 | 000,000,036 | ---- | M] () -- C:\Users\angelo\AppData\Local\housecall.guid.cache [2012/06/01 15:31:12 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012/05/31 21:30:59 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe [2012/05/31 14:38:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865153123-2725526692-2838595902-1001Core.job [2012/05/30 16:57:43 | 000,853,862 | ---- | M] () -- C:\Users\angelo\Desktop\SecurityCheck.exe [2012/05/30 16:56:56 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\angelo\Desktop\dds.scr [2012/05/30 16:48:17 | 000,002,409 | ---- | M] () -- C:\Users\angelo\Desktop\Google Chrome.lnk [2012/05/29 19:03:14 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012/05/26 22:58:28 | 187,456,401 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/05/21 17:44:33 | 000,409,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/05/21 17:29:30 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2012/05/17 21:43:29 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/17 21:35:23 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/05/16 06:33:02 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif ========== Files Created - No Company Name ========== [2012/06/01 16:30:58 | 000,000,036 | ---- | C] () -- C:\Users\angelo\AppData\Local\housecall.guid.cache [2012/06/01 15:31:12 | 000,001,136 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012/06/01 15:31:12 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012/05/30 16:57:39 | 000,853,862 | ---- | C] () -- C:\Users\angelo\Desktop\SecurityCheck.exe [2012/05/21 17:43:16 | 187,456,401 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012/05/21 17:29:30 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2012/05/21 17:29:30 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2012/05/20 15:43:15 | 000,409,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012/05/17 21:43:29 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/05/17 21:35:23 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/05/16 06:33:00 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2010/10/04 12:24:57 | 000,027,430 | ---- | C] () -- C:\Users\angelo\AppData\Roaming\nvModes.dat [2010/10/04 12:24:57 | 000,027,430 | ---- | C] () -- C:\Users\angelo\AppData\Roaming\nvModes.001 [2010/07/10 18:45:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat ========== LOP Check ========== [2012/03/04 08:01:33 | 000,000,000 | -H-D | M] -- C:\Users\angelo\AppData\Roaming\006F30C2 [2012/04/11 10:51:07 | 000,000,000 | ---D | M] -- C:\Users\angelo\AppData\Roaming\ICAClient [2012/03/03 06:00:35 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
  10. Windows 7- mouse freezes for about 1 second then unfreezes. When I search on the firefox homepage it goes through my web search. Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.30.07 Windows 7 x86 NTFS Internet Explorer 9.0.8112.16421 angelo :: SHERRY-DELL [administrator] 5/30/2012 5:09:50 PM mbam-log-2012-05-30 (17-09-50).txt Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 284473 Time elapsed: 26 minute(s), 18 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1 Run by angelo at 17:23:06 on 2012-05-30 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2046.1050 [GMT -4:00] . AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Spybot - Search and Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\Explorer.EXE C:\Windows\system32\aestsrv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Citrix\ICA Client\concentr.exe C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Citrix\ICA Client\wfcrun32.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\DellTPad\HidFind.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\System32\svchost.exe -k swprv C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=RGxdm007CQus&ptb=ECE14587-7489-4C38-B2F8-8CB9AD5BCD2D BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll uRun: [spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe mRun: [Apoint] c:\program files\delltpad\Apoint.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mPolicies-system: ConsentPromptbehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptbehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{06675B40-6114-4299-BAA8-07663045CB45} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{06675B40-6114-4299-BAA8-07663045CB45}\E4544574541425 : DhcpNameServer = 10.0.0.1 TCP: Interfaces\{06675B40-6114-4299-BAA8-07663045CB45}\E6F6167656E646163747275616D6E236F6D6 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{FE8E32F5-877D-4A07-BC31-299D0EE1A13E} : DhcpNameServer = 75.75.75.75 75.75.76.76 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\angelo\appdata\roaming\mozilla\firefox\profiles\xtao028n.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.com/ FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll FF - plugin: c:\users\angelo\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 171064] R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2011-4-25 65584] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2010-7-9 73728] R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2012-5-21 1122296] R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2012-5-21 838136] R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2012-5-21 166528] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-5-30 40776] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 74112] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-9 1343400] . =============== Created Last 30 ================ . 2012-05-30 21:08:47 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-05-30 02:41:55 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3db49430-fcd9-44a0-885b-9229bdaf389a}\offreg.dll 2012-05-30 02:40:39 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3db49430-fcd9-44a0-885b-9229bdaf389a}\mpengine.dll 2012-05-29 23:05:32 -------- d-sh--w- C:\$RECYCLE.BIN 2012-05-22 01:09:59 -------- d-----w- c:\windows\system32\SPReview 2012-05-22 01:08:46 -------- d-----w- c:\windows\system32\EventProviders 2012-05-22 01:02:35 -------- d-----w- c:\program files\Oracle 2012-05-22 01:01:49 772504 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-05-22 00:53:54 -------- d-----w- C:\NVIDIA 2012-05-21 22:05:08 90112 ----a-w- c:\windows\system32\snymsico.dll 2012-05-21 22:05:08 42496 ----a-w- c:\windows\system32\drivers\rimsptsk.sys 2012-05-21 22:05:08 39936 ----a-w- c:\windows\system32\drivers\rimmptsk.sys 2012-05-21 22:05:08 37376 ----a-w- c:\windows\system32\drivers\rixdptsk.sys 2012-05-21 22:04:49 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll 2012-05-21 22:04:49 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll 2012-05-21 22:04:49 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe 2012-05-21 22:04:49 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll 2012-05-21 22:04:49 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll 2012-05-21 22:04:49 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll 2012-05-21 22:04:49 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll 2012-05-21 21:30:42 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-05-21 21:29:23 15224 ----a-w- c:\windows\system32\sdnclean.exe 2012-05-21 21:29:17 -------- d-----w- c:\program files\Spybot - Search & Destroy 2 2012-05-21 21:23:33 6737808 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-05-21 21:09:57 -------- d-----w- c:\windows\system32\appmgmt 2012-05-18 01:43:35 -------- d-----w- c:\users\angelo\appdata\roaming\Malwarebytes 2012-05-18 01:43:25 -------- d-----w- c:\programdata\Malwarebytes 2012-05-18 01:43:24 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-18 01:43:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-18 01:35:19 -------- d-----w- c:\program files\CCleaner 2012-05-18 01:30:51 1287024 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-18 01:30:37 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2012-05-18 01:30:37 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL 2012-05-18 01:30:36 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll 2012-05-18 01:30:36 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2012-05-18 01:30:09 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-18 01:30:09 2342400 ----a-w- c:\windows\system32\win32k.sys 2012-05-18 01:30:08 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-18 01:30:03 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-18 01:29:55 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-05-18 01:29:55 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-05-18 01:29:54 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-05-18 01:29:54 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2012-05-18 01:29:54 1074176 ----a-w- c:\windows\system32\DWrite.dll 2012-05-16 10:25:42 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9def83db-94be-4bca-a372-466a9b0616ea}\gapaengine.dll . ==================== Find3M ==================== . 2012-04-04 22:47:02 687504 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-21 00:44:12 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-21 00:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys . ============= FINISH: 17:23:42.12 ===============
  11. Hey- Thanks for your help, Im just going to reinstall windows. I can afford to do that on this pc, and have been meaning to. Meanwhile I need to open a thread about a laptop... but anyway, thanks your your help. It is appreciated.
  12. Ive enabled back the services I use, and all seems to be running normally, but I will see how it behaves over tomorrow. 2 Things: Xchat WDK Freezes when opening channels when it is first opened (this has been going on the whole time) Do I have to re enable other things one by one to see which one specificly which is causing the problem
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.