Eganrac1239

Infected with Widgi Toolbar and have MBAM Pro

11 posts in this topic

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30

Run by Eganrac at 15:15:23 on 2012-05-10

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.8172.6144 [GMT -7:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\Logitech\Gaming Software\LWEMon.exe

C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files (x86)\Creative\Shared Files\CTSched.exe

C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe

C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt

C:\Windows\system32\IProsetMonitor.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files\Windows Media Player\WMPSideShowGadget.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\taskhost.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Ventrilo\Ventrilo.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Eganrac\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\World of Warcraft\Launcher.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll

uRun: [Google Update] "C:\Users\Eganrac\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon

uRun: [PlayNC Launcher]

uRun: [Creative Software Update] "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /Silent

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [<NO NAME>]

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

TCP: Interfaces\{A4042599-6155-4B2F-AC7B-6E46F7B5B00B} : DhcpNameServer = 192.168.0.1 205.171.3.25

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

BHO-X64: HP Print Enhancer - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll

BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

BHO-X64: HP Smart BHO Class - No File

TB-X64: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll

EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File

mRun-x64: [CTxfiHlp] CTXFIHLP.EXE

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [(Default)]

IE-X64: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Eganrac\AppData\Roaming\Mozilla\Firefox\Profiles\5br2vx7q.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - component: C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll

FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

FF - component: C:\Users\Eganrac\AppData\Roaming\Mozilla\Firefox\Profiles\5br2vx7q.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll

FF - plugin: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll

FF - plugin: C:\Users\Eganrac\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Users\Eganrac\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - Ext: Targeted Advertising Cookie Opt-Out (TACO): optout@dubfire.net - C:\Program Files (x86)\Mozilla Firefox\extensions\optout@dubfire.net

FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - Ext: Update Notifier: {95f24680-9e31-11da-a746-0800200c9a66} - C:\Program Files (x86)\Mozilla Firefox\extensions\{95f24680-9e31-11da-a746-0800200c9a66}

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Program Files (x86)\Mozilla Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - C:\Program Files (x86)\Mozilla Firefox\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

FF - Ext: XHTML Mobile Profile: {8ea9957e-2953-402f-80e0-bceb5f169d6f} - %profile%\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}

FF - Ext: wmlbrowser: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} - %profile%\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}

FF - Ext: EWOQ Mobile Setup extension: {f035aa18-ee32-4e6e-81d2-57e32867f8a7} - %profile%\extensions\{f035aa18-ee32-4e6e-81d2-57e32867f8a7}

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG2012\Firefox

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - C:\Program Files (x86)\Fiddler2\FiddlerHook

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 Application Updater;Application Updater;C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-4-23 785304]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-2-25 23680]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-10 654408]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-30 2348352]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 VaneFltr;Lachesis Mouse Driver;C:\Windows\system32\drivers\Lachesis.sys --> C:\Windows\system32\drivers\Lachesis.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-6-18 401920]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-5-19 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-3-2 79360]

S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 SSMO3v2Filter;MMO3v2 Mouse;C:\Windows\system32\drivers\MO3v2Driver.sys --> C:\Windows\system32\drivers\MO3v2Driver.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]

.

=============== Created Last 30 ================

.

2012-05-10 20:03:04 -------- d-----w- C:\Windows\pss

2012-05-07 22:56:26 -------- d-----w- C:\Users\Eganrac\AppData\Local\Red 5 Studios

2012-05-07 22:03:49 -------- d-----w- C:\Program Files (x86)\Xiph.Org

2012-05-07 22:00:10 -------- d-----w- C:\Program Files (x86)\Red 5 Studios

2012-05-05 16:51:19 -------- d-----w- C:\Program Files (x86)\YouTube Downloader Toolbar

2012-05-05 16:51:19 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot

2012-05-05 16:51:19 -------- d-----w- C:\Program Files (x86)\Application Updater

2012-04-12 16:27:46 -------- d--h--w- C:\$AVG

.

==================== Find3M ====================

.

2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-02-29 21:00:22 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-02-29 21:00:09 6074176 ----a-w- C:\Windows\System32\nvcpl.dll

2012-02-29 20:59:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-02-29 20:59:47 63296 ----a-w- C:\Windows\System32\nvshext.dll

2012-02-29 20:59:47 118080 ----a-w- C:\Windows\System32\nvmctray.dll

2012-02-29 20:26:56 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2012-01-23 04:31:45 859497 ----a-w- C:\Program Files (x86)\BPClientSetup.exe

2012-01-23 04:31:41 229060345 ----a-w- C:\Program Files (x86)\BPClientSetup-2b.bin

2012-01-23 04:29:26 1566000000 ----a-w- C:\Program Files (x86)\BPClientSetup-2a.bin

2012-01-23 04:14:59 1566000000 ----a-w- C:\Program Files (x86)\BPClientSetup-1c.bin

2012-01-23 03:59:24 1566000000 ----a-w- C:\Program Files (x86)\BPClientSetup-1b.bin

2012-01-23 03:41:32 1565140352 ----a-w- C:\Program Files (x86)\BPClientSetup-1a.bin

2011-02-15 21:45:50 1867776 ----a-w- C:\Program Files (x86)\LaunchKaros.exe

2011-02-09 05:54:46 1088786096 ----a-w- C:\Program Files (x86)\KarosOnline_02_1067.exe

2011-01-25 22:45:06 1583104 ----a-w- C:\Program Files (x86)\AMo.exe

2011-01-21 04:27:36 200704 ----a-w- C:\Program Files (x86)\Karos_Launcher.dll

2010-09-21 00:20:04 726016 ----a-w- C:\Program Files (x86)\7z.dll

2009-12-12 00:01:00 292545 ----a-w- C:\Program Files (x86)\GameGuard.des

2009-09-09 05:30:08 4378632 ----a-w- C:\Program Files (x86)\D3DX9_40.dll

2009-09-09 05:29:54 991752 ----a-w- C:\Program Files (x86)\dbghelp.dll

2009-09-09 05:29:36 484872 ----a-w- C:\Program Files (x86)\msvcm80.dll

2009-09-09 05:29:18 554504 ----a-w- C:\Program Files (x86)\msvcp80.dll

2009-09-09 05:29:02 632328 ----a-w- C:\Program Files (x86)\msvcr80.dll

2009-09-09 05:28:00 101896 ----a-w- C:\Program Files (x86)\atl80.dll

2009-08-14 19:32:08 425984 ----a-w- C:\Program Files (x86)\WeberForClient.dll

2009-08-14 19:22:22 1875968 ----a-w- C:\Program Files (x86)\WeberForClientD.dll

2009-08-11 04:33:46 180224 ----a-w- C:\Program Files (x86)\HanReportForClient.dll

2009-08-11 04:33:44 651264 ----a-w- C:\Program Files (x86)\HanReportForClientD.dll

.

============= FINISH: 15:16:23.13 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 1/7/2005 8:20:43 AM

System Uptime: 5/10/2012 3:10:56 PM (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P8P67 PRO

Processor: Intel® Core i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 53.278 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart D110 series

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart D110 series

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

Class GUID:

Description: PCI Simple Communications Controller

Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_844D1043&REV_04\3&11583659&0&B0

Manufacturer:

Name: PCI Simple Communications Controller

PNP Device ID: PCI\VEN_8086&DEV_1C3A&SUBSYS_844D1043&REV_04\3&11583659&0&B0

Service:

.

Class GUID:

Description:

Device ID: USB\VID_0CF3&PID_3000\6&F57D961&0&7

Manufacturer:

Name:

PNP Device ID: USB\VID_0CF3&PID_3000\6&F57D961&0&7

Service:

.

Class GUID:

Description: Universal Serial Bus (USB) Controller

Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\4&12102E1&0&00E4

Manufacturer:

Name: Universal Serial Bus (USB) Controller

PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\4&12102E1&0&00E4

Service:

.

Class GUID:

Description: SM Bus Controller

Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_04\3&11583659&0&FB

Manufacturer:

Name: SM Bus Controller

PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_04\3&11583659&0&FB

Service:

.

Class GUID:

Description: Universal Serial Bus (USB) Controller

Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\4&1E524C1D&0&00E1

Manufacturer:

Name: Universal Serial Bus (USB) Controller

PNP Device ID: PCI\VEN_1033&DEV_0194&SUBSYS_84131043&REV_03\4&1E524C1D&0&00E1

Service:

.

==== System Restore Points ===================

.

RP145: 5/9/2012 2:34:43 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Adobe Flash Player 10 Plugin

Adobe Reader X (10.1.0)

Adobe Shockwave Player 11.5

Aion

Alice Madness Returns

Amazon Games & Software Downloader

And Yet It Moves 1.2.0

Apple Application Support

Apple Software Update

Aquaria

Assassin's Creed

Assassin's Creed II

Atom Zombie Smasher

µTorrent

Audiosurf

Avid Codecs LE

Batman: Arkham Asylum GOTY Edition

BCWipe 3.0

Beat Hazard

BioShock

Black Prophecy

Braid

BufferChm

Charles

Cogs

Crayon Physics Deluxe version 55

Creative ALchemy

Creative Audio Control Panel

Creative Console Launcher

Creative MediaSource 5

Creative Software AutoUpdate

Creative Sound Blaster Properties x64 Edition

Creative WaveStudio 7

CrimeCraft GangWars

Curse Client

D110

Day of Defeat: Source

Destinations

DeviceDiscovery

Diablo III Beta

Dota 2

Dragonsphere

EasyBits GO

EVEREST Ultimate Edition

Fallout

Fiddler2

FINAL FANTASY XI: Chains of Promathia

FINAL FANTASY XI: Rise of the Zilart

FINAL FANTASY XI: Treasures of Aht Urhgan

FINAL FANTASY XI: Wings of the Goddess

Gish

Global Agenda Launcher

GOM Player

GOMTV Streamer

Google Chrome

Google Talk Plugin

HandBrake 0.9.5

Hellgate

HPAppStudio

HPPhotoGadget

ioquake3

Java Auto Updater

Java 6 Update 22

Java 6 Update 30

KarosOnline

Killing Floor

LastPass (uninstall only)

League of Legends

Magicka

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Games for Windows - LIVE

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office Excel Viewer

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft XNA Framework Redistributable 3.1

Microsoft XNA Framework Redistributable 4.0

mIRC

Mozilla Firefox (en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mumble 1.2.3

Music Manager

NCsoft Launcher

Need For Speed™ World

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

OpenAL

OpenOffice.org 3.3

Orcs Must Die!

Origin

Pando Media Booster

Plants vs. Zombies: Game of the Year

Pokemon World Online version 1.73

Portal 2

PS_AIO_07_D110_SW_Min

Quake III Arena

QuickPar 0.9

QuickTime

QuickTransfer

Revenge of the Titans

RIFT

Saints Row: The Third

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Sequence

Skype Toolbars

Skype™ 5.3

SmartWebPrinting

Spiral Knights

Spotify

Star Wars: The Old Republic

StarCraft II

Status

Steam

Steel Storm - Burning Retribution (remove only)

System Requirements Lab CYRI

Team Fortress 2

Terraria

The Elder Scrolls V: Skyrim

Toolbox

TrayApp

Treasure Adventure Game

Ubisoft Game Launcher

Ultima 4 - Quest of the Avatar

Unity Web Player

Universal Extractor 1.6

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Visual Studio 2008 x64 Redistributables

VLC media player 1.1.9

VVVVVV version 2.0

WebReg

Win7codecs

World of Warcraft

World of Warcraft Beta

World of Warcraft Public Test

Worms Ultimate Mayhem

Xiph.Org Open Codecs 0.85.17777

YouTube Downloader 3.4

YouTube Downloader Toolbar v5.6

.

==== Event Viewer Messages From Past Week ========

.

5/10/2012 12:24:10 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez Studios Authenticate and Update Service service to connect.

5/10/2012 12:24:10 PM, Error: Service Control Manager [7000] - The Hi-Rez Studios Authenticate and Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

Hope these help!

DDS.txt

Attach DDS.txt

Share this post


Link to post
Share on other sites

Hello and :welcome:

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.

Share this post


Link to post
Share on other sites

0_0 im so sorry. Apparently malwarebytes didnt e-mail me a notification letting me know someone commented on my post. Here is my combofix log. Thanks again!

_________________________________________________________________________________________________________________________________

ComboFix 12-05-19.01 - Eganrac 05/19/2012 11:20:04.1.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.8172.5392 [GMT -7:00]

Running from: c:\users\Eganrac\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\program files (x86)\KarosOnline_02_1067.exe

c:\users\Eganrac\AppData\Local\assembly\tmp

c:\users\Eganrac\AppData\Roaming\Love

c:\users\Eganrac\AppData\Roaming\Love\not_tetris_2\highscoresA.txt

c:\users\Eganrac\AppData\Roaming\Love\not_tetris_2\highscoresB.txt

c:\users\Eganrac\AppData\Roaming\Love\not_tetris_2\options.txt

.

.

((((((((((((((((((((((((( Files Created from 2012-04-19 to 2012-05-19 )))))))))))))))))))))))))))))))

.

.

2012-05-19 18:27 . 2012-05-19 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-18 17:18 . 2012-05-18 17:18 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar

2012-05-18 17:18 . 2012-05-18 17:18 -------- d-----w- c:\program files (x86)\Common Files\Spigot

2012-05-18 17:18 . 2012-05-18 17:18 -------- d-----w- c:\program files (x86)\Application Updater

2012-05-14 16:56 . 2012-05-14 17:10 -------- d-----w- c:\program files (x86)\Diablo III

2012-05-12 23:05 . 2012-05-12 23:05 -------- d-----w- c:\program files (x86)\Diablo 3

2012-05-11 20:38 . 2012-05-11 20:38 -------- d-----w- c:\users\Eganrac\AppData\Roaming\Amazon

2012-05-11 20:38 . 2012-05-11 20:38 -------- d-----w- c:\users\Eganrac\AppData\Local\Amazon

2012-05-07 22:56 . 2012-05-07 22:56 -------- d-----w- c:\users\Eganrac\AppData\Local\Red 5 Studios

2012-05-07 22:03 . 2012-05-07 22:03 -------- d-----w- c:\program files (x86)\Xiph.Org

2012-05-07 22:00 . 2012-05-07 22:00 -------- d-----w- c:\program files (x86)\Red 5 Studios

2012-04-30 20:12 . 2012-05-10 19:25 -------- d-----w- c:\users\UpdatusUser

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-04 22:56 . 2011-04-24 18:50 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-01 00:02 . 2011-11-15 10:46 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-03-01 00:02 . 2011-11-15 10:46 1737536 ----a-w- c:\windows\system32\nvdispco64.dll

2012-03-01 00:02 . 2011-11-15 10:46 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-03-01 00:02 . 2011-11-15 10:46 1466176 ----a-w- c:\windows\system32\nvgenco64.dll

2012-03-01 00:02 . 2010-07-10 05:38 2660160 ----a-w- c:\windows\system32\nvapi64.dll

2012-03-01 00:02 . 2009-07-13 21:59 9717568 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-02-29 21:00 . 2011-02-23 08:39 3089728 ----a-w- c:\windows\system32\nvsvc64.dll

2012-02-29 21:00 . 2011-02-23 08:39 6074176 ----a-w- c:\windows\system32\nvcpl.dll

2012-02-29 20:59 . 2011-02-23 08:38 889664 ----a-w- c:\windows\system32\nvvsvc.exe

2012-02-29 20:59 . 2011-02-23 08:38 118080 ----a-w- c:\windows\system32\nvmctray.dll

2012-02-29 20:59 . 2010-07-09 16:27 63296 ----a-w- c:\windows\system32\nvshext.dll

2012-02-29 20:26 . 2012-02-29 20:26 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-01-23 04:31 . 2012-01-23 04:31 859497 ----a-w- c:\program files (x86)\BPClientSetup.exe

2012-01-23 04:31 . 2012-01-23 04:29 229060345 ----a-w- c:\program files (x86)\BPClientSetup-2b.bin

2012-01-23 04:29 . 2012-01-23 04:14 1566000000 ----a-w- c:\program files (x86)\BPClientSetup-2a.bin

2012-01-23 04:14 . 2012-01-23 03:59 1566000000 ----a-w- c:\program files (x86)\BPClientSetup-1c.bin

2012-01-23 03:59 . 2012-01-23 03:41 1566000000 ----a-w- c:\program files (x86)\BPClientSetup-1b.bin

2012-01-23 03:41 . 2012-01-23 03:23 1565140352 ----a-w- c:\program files (x86)\BPClientSetup-1a.bin

2011-02-15 21:45 . 2011-03-30 00:48 1867776 ----a-w- c:\program files (x86)\LaunchKaros.exe

2011-01-25 22:45 . 2011-03-30 00:48 1583104 ----a-w- c:\program files (x86)\AMo.exe

2011-01-21 04:27 . 2011-03-30 00:48 200704 ----a-w- c:\program files (x86)\Karos_Launcher.dll

2010-09-21 00:20 . 2010-09-21 00:20 726016 ----a-w- c:\program files (x86)\7z.dll

2009-12-12 00:01 . 2011-03-30 00:48 292545 ----a-w- c:\program files (x86)\GameGuard.des

2009-09-09 05:30 . 2011-03-30 00:48 4378632 ----a-w- c:\program files (x86)\D3DX9_40.dll

2009-09-09 05:29 . 2011-03-30 00:48 991752 ----a-w- c:\program files (x86)\dbghelp.dll

2009-09-09 05:29 . 2011-03-30 00:48 484872 ----a-w- c:\program files (x86)\msvcm80.dll

2009-09-09 05:29 . 2011-03-30 00:48 554504 ----a-w- c:\program files (x86)\msvcp80.dll

2009-09-09 05:29 . 2011-03-30 00:48 632328 ----a-w- c:\program files (x86)\msvcr80.dll

2009-09-09 05:28 . 2011-03-30 00:48 101896 ----a-w- c:\program files (x86)\atl80.dll

2009-08-14 19:32 . 2011-03-30 00:48 425984 ----a-w- c:\program files (x86)\WeberForClient.dll

2009-08-14 19:22 . 2011-03-30 00:48 1875968 ----a-w- c:\program files (x86)\WeberForClientD.dll

2009-08-11 04:33 . 2011-03-30 00:48 180224 ----a-w- c:\program files (x86)\HanReportForClient.dll

2009-08-11 04:33 . 2011-03-30 00:48 651264 ----a-w- c:\program files (x86)\HanReportForClientD.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]

"Creative Software Update"="c:\program files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" [2009-01-15 430968]

"MusicManager"="c:\users\Eganrac\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-05-10 13805568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-05-17 992648]

.

c:\users\Eganrac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CurseClientStartup.ccip [2012-5-11 0]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-04-21 23680]

R3 ALSysIO;ALSysIO;c:\users\Eganrac\AppData\Local\Temp\ALSysIO64.sys [x]

R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-19 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-03-03 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]

R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\GameGuard\dump_wmimmc.sys [x]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 SSMO3v2Filter;MMO3v2 Mouse;c:\windows\system32\drivers\MO3v2Driver.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 BCSWAP;BCSWAP; [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-05-17 785344]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]

S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997576125-1133855517-1033892153-1000Core.job

- c:\users\Eganrac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-03 05:11]

.

2012-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997576125-1133855517-1033892153-1000UA.job

- c:\users\Eganrac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-03 05:11]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 190472]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-14 415752]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-14 2093064]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-14 4195848]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-11 1873256]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

FF - ProfilePath - c:\users\Eganrac\AppData\Roaming\Mozilla\Firefox\Profiles\5br2vx7q.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - Ext: Targeted Advertising Cookie Opt-Out (TACO): optout@dubfire.net - c:\program files (x86)\Mozilla Firefox\extensions\optout@dubfire.net

FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - Ext: Update Notifier: {95f24680-9e31-11da-a746-0800200c9a66} - c:\program files (x86)\Mozilla Firefox\extensions\{95f24680-9e31-11da-a746-0800200c9a66}

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - c:\program files (x86)\Mozilla Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - c:\program files (x86)\Mozilla Firefox\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

FF - Ext: XHTML Mobile Profile: {8ea9957e-2953-402f-80e0-bceb5f169d6f} - %profile%\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}

FF - Ext: wmlbrowser: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} - %profile%\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}

FF - Ext: EWOQ Mobile Setup extension: {f035aa18-ee32-4e6e-81d2-57e32867f8a7} - %profile%\extensions\{f035aa18-ee32-4e6e-81d2-57e32867f8a7}

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files (x86)\AVG\AVG2012\Firefox

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - c:\program files (x86)\Fiddler2\FiddlerHook

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-3997576125-1133855517-1033892153-1000\Software\SecuROM\License information*]

"datasecu"=hex:7f,79,b0,52,45,47,9e,d0,d6,d9,95,bb,a7,ef,f2,ca,65,56,68,29,d2,

cf,c0,00,cb,f3,2f,7f,f2,db,75,25,31,ec,3c,9e,3f,21,3e,f7,27,e6,e7,f0,6b,77,\

"rkeysecu"=hex:b7,86,a4,1d,e9,d1,63,3d,ad,54,a8,46,4c,8b,0d,37

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\windows\SysWOW64\Ctxfihlp.exe

c:\program files\Logitech\GamePanel Software\Applets\LCDMedia.exe

c:\windows\SysWOW64\CTXFISPI.EXE

.

**************************************************************************

.

Completion time: 2012-05-19 11:35:33 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-19 18:35

.

Pre-Run: 36,837,146,624 bytes free

Post-Run: 37,807,017,984 bytes free

.

- - End Of File - - 208A7A661ACF3EE11C6A4A3318CD1CEF

Share this post


Link to post
Share on other sites

No problem, notifications don't always work as they should, best is to check your Content on the site as well. :)

P2P WARNING

-------------------

Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.

I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

  • Download the latest version of Java Runtime Environment (JRE) Version 7u3.
  • Look for "JDK 7u3 (JDK or JRE).
  • Click the "Download JRE" button at the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
    • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe

    [*]Save it to your desktop

    [*]Close any programs you may have running - especially your web browser.

    [*]Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).

    [*]Reboot your computer once all Java components are removed.

    [*]Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

Please launch MBAM, update it and run a full scan. Post me the resulting log.

Share this post


Link to post
Share on other sites

<p> </p>

<div>Malwarebytes Anti-Malware (PRO) 1.61.0.1400</div>

<div>www.malwarebytes.org</div>

<div> </div>

<div>Database version: v2012.05.22.01</div>

<div> </div>

<div>Windows 7 Service Pack 1 x64 NTFS</div>

<div>Internet Explorer 9.0.8112.16421</div>

<div>Eganrac :: EGANRAC-PC [administrator]</div>

<div> </div>

<div>Protection: Enabled</div>

<div> </div>

<div>5/22/2012 8:51:29 PM</div>

<div>mbam-log-2012-05-22 (20-51-29).txt</div>

<div> </div>

<div>Scan type: Full scan</div>

<div>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM</div>

<div>Scan options disabled: P2P</div>

<div>Objects scanned: 489899</div>

<div>Time elapsed: 1 hour(s), 34 minute(s), 22 second(s)</div>

<div> </div>

<div>Memory Processes Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>Memory Modules Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>Registry Keys Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>Registry Values Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>Registry Data Items Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>Folders Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>Files Detected: 0</div>

<div>(No malicious items detected)</div>

<div> </div>

<div>(end)</div>

<div> </div>

<div> </div>

<div>Got rid of the old java and got the new one. Don't even use UTorrent anymore. Haven't in a long time and won't be anymore :) Nothing malicious but Widgi still comes up on startup.</div>

Share this post


Link to post
Share on other sites

Hi, the following should take care of that. :)

CF-SCRIPT

-------------

We need to execute a CF-script.

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:


Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

Folder::
c:\program files (x86)\Common Files\Spigot

Firefox::
FF - ProfilePath - C:\Users\Eganrac\AppData\Roaming\Mozilla\Firefox\Profiles\5br2vx7q.default\
FF - component: C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

ESET ONLINE SCANNER

----------------------------

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
  2. Click the esetonlinebtn.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetsmartinstaller_enu.png
      icon on your desktop.

    3. Check "YES, I accept the Terms of Use."
    4. Click the Start button.
    5. Accept any security warnings from your browser.
    6. Under scan settings, check "Scan Archives" and "Remove found threats"
    7. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

[*]When the scan completes, click List Threats

[*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

[*]Click the Back button.

[*]Click the Finish button.

Share this post


Link to post
Share on other sites

The ESET link isnt working so I went to their main page and tried to use the link to run the scanner and that link isn't working either unfortunately. Here's the combofix log :)

ComboFix 12-05-19.01 - Eganrac 05/22/2012 23:10:13.2.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.8172.5294 [GMT -7:00]

Running from: c:\users\Eganrac\Downloads\ComboFix.exe

Command switches used :: c:\users\Eganrac\Downloads\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Common Files\Spigot

c:\program files (x86)\Common Files\Spigot\Search Settings\baidu_ff.xml

c:\program files (x86)\Common Files\Spigot\Search Settings\baidu_ie.xml

c:\program files (x86)\Common Files\Spigot\Search Settings\config.ini

c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1031.ini

c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1033.ini

c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1034.ini

c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1036.ini

c:\program files (x86)\Common Files\Spigot\Search Settings\Lang\res1040.ini

c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

c:\program files (x86)\Common Files\Spigot\Search Settings\wth.dll

c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ff.xml

c:\program files (x86)\Common Files\Spigot\Search Settings\yahoo_ie.xml

c:\program files (x86)\Common Files\Spigot\Search Settings\yandex_ff.xml

c:\program files (x86)\Common Files\Spigot\Search Settings\yandex_ie.xml

c:\program files (x86)\Common Files\Spigot\wtxpcom\chrome.manifest

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\chrome.manifest

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\install.rdf

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8

c:\program files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9

c:\program files (x86)\Common Files\Spigot\wtxpcom\install.rdf

.

.

((((((((((((((((((((((((( Files Created from 2012-04-23 to 2012-05-23 )))))))))))))))))))))))))))))))

.

.

2012-05-23 06:15 . 2012-05-23 06:15 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-23 04:32 . 2012-05-23 04:32 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-05-23 04:31 . 2012-05-23 04:31 -------- d-----w- c:\program files (x86)\Oracle

2012-05-23 04:31 . 2012-04-05 01:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-05-23 03:40 . 2012-05-23 03:40 839112 ----a-w- c:\windows\system32\deployJava1.dll

2012-05-23 03:40 . 2012-05-23 03:40 955848 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-05-23 03:40 . 2012-05-23 03:40 -------- d-----w- c:\program files\Java

2012-05-22 23:10 . 2011-07-07 20:51 1452648 ----a-w- c:\windows\system32\nvhdagenco6420102.dll

2012-05-22 23:08 . 2011-10-20 09:50 3074368 ----a-r- c:\windows\system32\nvsvcr.dll

2012-05-22 23:06 . 2012-05-15 10:48 68928 ----a-w- c:\windows\system32\OpenCL.dll

2012-05-22 23:06 . 2012-05-15 10:48 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll

2012-05-22 23:06 . 2012-05-15 10:48 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-05-22 23:06 . 2012-05-15 10:48 15322432 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-05-22 23:00 . 2012-05-15 09:29 2621723 ----a-w- c:\windows\system32\nvcoproc.bin

2012-05-18 17:18 . 2012-05-18 17:18 -------- d-----w- c:\program files (x86)\YouTube Downloader Toolbar

2012-05-18 17:18 . 2012-05-18 17:18 -------- d-----w- c:\program files (x86)\Application Updater

2012-05-15 09:21 . 2012-05-15 09:21 423744 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2012-05-14 16:56 . 2012-05-14 17:10 -------- d-----w- c:\program files (x86)\Diablo III

2012-05-12 23:05 . 2012-05-12 23:05 -------- d-----w- c:\program files (x86)\Diablo 3

2012-05-11 20:38 . 2012-05-11 20:38 -------- d-----w- c:\users\Eganrac\AppData\Roaming\Amazon

2012-05-11 20:38 . 2012-05-11 20:38 -------- d-----w- c:\users\Eganrac\AppData\Local\Amazon

2012-05-07 22:56 . 2012-05-07 22:56 -------- d-----w- c:\users\Eganrac\AppData\Local\Red 5 Studios

2012-05-07 22:03 . 2012-05-07 22:03 -------- d-----w- c:\program files (x86)\Xiph.Org

2012-05-07 22:00 . 2012-05-07 22:00 -------- d-----w- c:\program files (x86)\Red 5 Studios

2012-04-30 20:12 . 2012-05-22 23:10 -------- d-----w- c:\users\UpdatusUser

2012-04-30 20:10 . 2012-05-15 10:48 949056 ----a-w- c:\windows\system32\nvumdshimx.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-05-15 10:48 . 2011-11-15 10:46 1738048 ----a-w- c:\windows\system32\nvdispco64.dll

2012-05-15 10:48 . 2011-11-15 10:46 1468224 ----a-w- c:\windows\system32\nvgenco64.dll

2012-05-15 10:48 . 2010-07-10 05:38 2741568 ----a-w- c:\windows\system32\nvapi64.dll

2012-05-15 10:48 . 2009-07-13 21:59 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-05-15 09:29 . 2011-02-23 08:38 889664 ----a-w- c:\windows\system32\nvvsvc.exe

2012-05-15 09:29 . 2011-02-23 08:38 118080 ----a-w- c:\windows\system32\nvmctray.dll

2012-05-15 09:29 . 2010-07-09 16:27 63296 ----a-w- c:\windows\system32\nvshext.dll

2012-05-15 09:29 . 2011-02-23 08:39 3149632 ----a-w- c:\windows\system32\nvsvc64.dll

2012-05-15 09:28 . 2011-02-23 08:39 6151488 ----a-w- c:\windows\system32\nvcpl.dll

2012-04-05 01:47 . 2011-03-03 11:21 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-04 22:56 . 2011-04-24 18:50 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-23 04:31 . 2012-01-23 04:31 859497 ----a-w- c:\program files (x86)\BPClientSetup.exe

2012-01-23 04:31 . 2012-01-23 04:29 229060345 ----a-w- c:\program files (x86)\BPClientSetup-2b.bin

2012-01-23 04:29 . 2012-01-23 04:14 1566000000 ----a-w- c:\program files (x86)\BPClientSetup-2a.bin

2012-01-23 04:14 . 2012-01-23 03:59 1566000000 ----a-w- c:\program files (x86)\BPClientSetup-1c.bin

2012-01-23 03:59 . 2012-01-23 03:41 1566000000 ----a-w- c:\program files (x86)\BPClientSetup-1b.bin

2012-01-23 03:41 . 2012-01-23 03:23 1565140352 ----a-w- c:\program files (x86)\BPClientSetup-1a.bin

2011-02-15 21:45 . 2011-03-30 00:48 1867776 ----a-w- c:\program files (x86)\LaunchKaros.exe

2011-01-25 22:45 . 2011-03-30 00:48 1583104 ----a-w- c:\program files (x86)\AMo.exe

2011-01-21 04:27 . 2011-03-30 00:48 200704 ----a-w- c:\program files (x86)\Karos_Launcher.dll

2010-09-21 00:20 . 2010-09-21 00:20 726016 ----a-w- c:\program files (x86)\7z.dll

2009-12-12 00:01 . 2011-03-30 00:48 292545 ----a-w- c:\program files (x86)\GameGuard.des

2009-09-09 05:30 . 2011-03-30 00:48 4378632 ----a-w- c:\program files (x86)\D3DX9_40.dll

2009-09-09 05:29 . 2011-03-30 00:48 991752 ----a-w- c:\program files (x86)\dbghelp.dll

2009-09-09 05:29 . 2011-03-30 00:48 484872 ----a-w- c:\program files (x86)\msvcm80.dll

2009-09-09 05:29 . 2011-03-30 00:48 554504 ----a-w- c:\program files (x86)\msvcp80.dll

2009-09-09 05:29 . 2011-03-30 00:48 632328 ----a-w- c:\program files (x86)\msvcr80.dll

2009-09-09 05:28 . 2011-03-30 00:48 101896 ----a-w- c:\program files (x86)\atl80.dll

2009-08-14 19:32 . 2011-03-30 00:48 425984 ----a-w- c:\program files (x86)\WeberForClient.dll

2009-08-14 19:22 . 2011-03-30 00:48 1875968 ----a-w- c:\program files (x86)\WeberForClientD.dll

2009-08-11 04:33 . 2011-03-30 00:48 180224 ----a-w- c:\program files (x86)\HanReportForClient.dll

2009-08-11 04:33 . 2011-03-30 00:48 651264 ----a-w- c:\program files (x86)\HanReportForClientD.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-05-19_18.30.37 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-07-14 04:54 . 2012-05-23 06:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-05-18 17:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-05-18 17:18 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-23 06:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-18 17:18 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-23 06:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-03-03 05:09 . 2012-05-23 03:19 36968 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-05-23 03:19 27590 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2012-05-22 23:17 . 2012-04-18 17:08 31040 c:\windows\system32\nvhdap64.dll

- 2009-07-14 05:30 . 2012-04-30 20:12 86016 c:\windows\system32\DriverStore\infpub.dat

+ 2009-07-14 05:30 . 2012-05-22 23:19 86016 c:\windows\system32\DriverStore\infpub.dat

+ 2012-05-22 23:10 . 2011-07-07 20:51 29288 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_d9dc0257f3c16ec3\nvhdap64.dll

+ 2012-05-22 23:10 . 2011-07-07 20:51 70760 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_d9dc0257f3c16ec3\nvapo64v.dll

+ 2012-05-22 23:17 . 2012-04-18 17:08 31040 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_9f01b2372a747820\nvhdap64.dll

+ 2012-05-22 23:17 . 2012-04-18 17:08 72512 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_9f01b2372a747820\nvapo64v.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 68928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\OpenCL64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 61248 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\OpenCL.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 68928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\OpenCL64.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 61248 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\OpenCL.dll

+ 2005-01-07 16:14 . 2012-05-22 23:08 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2005-01-07 16:14 . 2012-05-10 19:32 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2005-01-07 16:14 . 2012-05-10 19:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2005-01-07 16:14 . 2012-05-22 23:08 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-10 19:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-22 23:08 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2012-02-11 23:41 . 2012-05-23 06:15 4222 c:\windows\system32\wdi\ERCQueuedResolutions.dat

+ 2005-01-07 16:23 . 2012-05-23 03:19 9918 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3997576125-1133855517-1033892153-1000_UserData.bin

+ 2012-05-22 23:17 . 2012-05-15 10:48 4096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdetx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 4096 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdet.dll

+ 2012-05-23 06:16 . 2012-05-23 06:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-05-19 18:30 . 2012-05-19 18:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-23 06:16 . 2012-05-23 06:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-05-19 18:30 . 2012-05-19 18:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-05-22 23:17 . 2012-05-15 10:48 818496 c:\windows\SysWOW64\nvumdshim.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 202048 c:\windows\SysWOW64\nvinit.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 301376 c:\windows\SysWOW64\nvdecodemft.dll

+ 2012-05-23 04:31 . 2012-04-05 01:47 227720 c:\windows\SysWOW64\javaws.exe

+ 2012-05-23 04:30 . 2012-05-23 04:30 174024 c:\windows\SysWOW64\javaw.exe

+ 2012-05-23 04:30 . 2012-05-23 04:30 174024 c:\windows\SysWOW64\java.exe

+ 2009-07-14 02:36 . 2012-05-22 23:12 666718 c:\windows\system32\perfh009.dat

- 2009-07-14 02:36 . 2012-05-15 07:02 666718 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-05-22 23:12 126444 c:\windows\system32\perfc009.dat

- 2009-07-14 02:36 . 2012-05-15 07:02 126444 c:\windows\system32\perfc009.dat

+ 2012-05-22 23:17 . 2012-05-15 10:48 246592 c:\windows\system32\nvinitx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 364352 c:\windows\system32\nvdecodemft.dll

+ 2012-05-23 03:40 . 2012-05-23 03:40 268744 c:\windows\system32\javaws.exe

+ 2012-05-23 03:40 . 2012-05-23 03:40 189384 c:\windows\system32\javaw.exe

+ 2012-05-23 03:40 . 2012-05-23 03:40 188872 c:\windows\system32\java.exe

+ 2009-07-14 05:30 . 2012-05-22 23:19 239616 c:\windows\system32\DriverStore\infstrng.dat

- 2009-07-14 05:30 . 2012-04-30 20:12 239616 c:\windows\system32\DriverStore\infstrng.dat

+ 2009-07-14 05:30 . 2012-05-22 23:19 143360 c:\windows\system32\DriverStore\infstor.dat

- 2009-07-14 05:30 . 2012-04-30 20:12 143360 c:\windows\system32\DriverStore\infstor.dat

+ 2012-05-22 23:17 . 2012-05-15 12:55 398656 c:\windows\system32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_9040728c38bb13af\nvstusb64.sys

+ 2012-05-22 23:09 . 2011-10-20 12:45 291648 c:\windows\system32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_6bd42d842972ff19\nvstusb64.sys

+ 2012-05-22 23:10 . 2011-07-07 20:51 174184 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_d9dc0257f3c16ec3\nvhda64v.sys

+ 2012-05-22 23:10 . 2011-07-07 20:51 150120 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_d9dc0257f3c16ec3\nvhda64.sys

+ 2012-05-22 23:17 . 2012-04-18 17:08 188736 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_9f01b2372a747820\nvhda64v.sys

+ 2012-05-22 23:17 . 2012-04-18 17:08 156480 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_9f01b2372a747820\nvhda64.sys

+ 2012-05-22 23:17 . 2012-05-15 10:48 949056 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvumdshimx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 818496 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvumdshim.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 313664 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvml.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 246592 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvinitx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 202048 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvinit.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 202560 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvidia-smi.exe

+ 2012-05-22 23:17 . 2012-05-15 10:48 333120 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvEncodeAPI64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 282432 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvEncodeAPI.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 249856 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdxgiwrapx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 220480 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdxgiwrap.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 301376 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdecodemft32.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 364352 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdecodemft.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 316928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\Nvd3d9wrapx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 285504 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\Nvd3d9wrap.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 232768 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\dbInstaller.exe

+ 2012-05-22 23:06 . 2011-10-20 09:50 284480 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvml.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 200512 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvidia-smi.exe

+ 2012-05-22 23:06 . 2011-10-20 09:50 316928 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvdrsdb.bin

+ 2012-05-22 23:06 . 2011-10-20 09:50 224064 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\dbInstaller.exe

+ 2012-05-22 23:17 . 2012-04-18 17:08 188736 c:\windows\system32\drivers\nvhda64v.sys

- 2009-07-14 05:01 . 2012-05-19 18:29 281292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-05-23 06:15 281292 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-05-23 04:31 . 2012-05-23 04:31 179200 c:\windows\Installer\43a9c3.msi

+ 2012-05-23 04:31 . 2012-05-23 04:31 461312 c:\windows\Installer\43a9be.msi

+ 2012-05-23 03:39 . 2012-05-23 03:39 891392 c:\windows\Installer\15afb2.msi

+ 2012-05-22 23:17 . 2012-05-15 10:48 8105280 c:\windows\SysWOW64\nvwgf2um.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2524992 c:\windows\SysWOW64\nvcuvid.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2445120 c:\windows\SysWOW64\nvcuvenc.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 5982528 c:\windows\SysWOW64\nvcuda.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2368832 c:\windows\SysWOW64\nvapi.dll

+ 2012-05-22 23:17 . 2012-04-18 17:08 1451840 c:\windows\system32\nvhdagenco6420103.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2681664 c:\windows\system32\nvcuvid.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2881856 c:\windows\system32\nvcuvenc.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 8139072 c:\windows\system32\nvcuda.dll

+ 2012-05-22 23:17 . 2012-05-15 12:55 1468224 c:\windows\system32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_9040728c38bb13af\nvgenco64.dll

+ 2012-05-22 23:09 . 2011-10-20 12:45 1454912 c:\windows\system32\DriverStore\FileRepository\nvstusb.inf_amd64_neutral_6bd42d842972ff19\nvgenco64.dll

+ 2012-05-22 23:10 . 2011-07-07 20:51 1452648 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_d9dc0257f3c16ec3\nvgenco64.dll

+ 2012-05-22 23:17 . 2012-04-18 17:08 1451840 c:\windows\system32\DriverStore\FileRepository\nvhda.inf_amd64_neutral_9f01b2372a747820\nvgenco64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 8105280 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvwgf2um.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 1468224 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvgenco64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 1066872 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdrsdb.bin

+ 2012-05-22 23:17 . 2012-05-15 10:48 1738048 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvdispco64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2524992 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcuvid32.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2681664 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcuvid.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2881856 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcuvenc64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2445120 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcuvenc.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 5982528 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcuda32.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 8139072 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcuda.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2741568 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvapi64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 2368832 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvapi.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 8791360 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvwgf2umx.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 7042368 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvwgf2um.dll

+ 2012-05-22 23:08 . 2011-10-20 09:50 1454400 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvgenco64.dll

+ 2012-05-22 23:08 . 2011-10-20 09:50 1533248 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvdispco64.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 2401600 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcuvid32.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 2543936 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcuvid.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 2232128 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcuvenc64.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 2099520 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcuvenc.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 5581632 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcuda32.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 7585600 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcuda.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 2808640 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvapi64.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 2458432 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvapi.dll

+ 2011-03-09 11:17 . 2012-05-23 06:15 9090192 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3997576125-1133855517-1033892153-1000-12288.dat

+ 2012-05-22 23:17 . 2012-05-15 10:48 19607872 c:\windows\SysWOW64\nvoglv32.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 17551680 c:\windows\SysWOW64\nvcompiler.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 25743168 c:\windows\system32\nvoglv64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 25248064 c:\windows\system32\nvcompiler.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 10194752 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvwgf2umx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 25743168 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvoglv64.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 19607872 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvoglv32.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 14298944 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvlddmkm.sys

+ 2012-05-22 23:17 . 2012-05-15 10:48 18044224 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvd3dumx.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 15322432 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvd3dum.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 30945512 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\NvCplSetupEng.exe

+ 2012-05-22 23:17 . 2012-05-15 10:48 17551680 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcompiler32.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 25248064 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_a2030f0be10bcb45\nvcompiler.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 24743744 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvoglv64.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 18872128 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvoglv32.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 12972352 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvlddmkm.sys

+ 2012-05-22 23:06 . 2011-10-20 09:50 15694144 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvd3dumx.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 13205824 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvd3dum.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 17248576 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcompiler32.dll

+ 2012-05-22 23:06 . 2011-10-20 09:50 24796992 c:\windows\system32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_1fea808aa86028da\nvcompiler.dll

+ 2012-05-22 23:17 . 2012-05-15 10:48 14298944 c:\windows\system32\drivers\nvlddmkm.sys

+ 2012-05-23 04:29 . 2012-05-23 04:29 17379840 c:\windows\Installer\43a9ba.msi

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]

"Creative Software Update"="c:\program files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" [2009-01-15 430968]

"MusicManager"="c:\users\Eganrac\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-05-10 13805568]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-25 2416480]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\users\Eganrac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CurseClientStartup.ccip [2012-5-11 0]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 0 (0x0)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 ALSysIO;ALSysIO;c:\users\Eganrac\AppData\Local\Temp\ALSysIO64.sys [x]

R3 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-19 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-03-03 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]

R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]

R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\GameGuard\dump_wmimmc.sys [x]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 SSMO3v2Filter;MMO3v2 Mouse;c:\windows\system32\drivers\MO3v2Driver.sys [x]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 BCSWAP;BCSWAP; [x]

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2012-05-17 785344]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2011-04-21 23680]

S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [x]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]

S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]

S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [x]

S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]

S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997576125-1133855517-1033892153-1000Core.job

- c:\users\Eganrac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-03 05:11]

.

2012-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3997576125-1133855517-1033892153-1000UA.job

- c:\users\Eganrac\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-03 05:11]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-17 190472]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-14 415752]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-08-14 2093064]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-14 4195848]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-11 1873256]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

FF - ProfilePath - c:\users\Eganrac\AppData\Roaming\Mozilla\Firefox\Profiles\5br2vx7q.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF - Ext: Targeted Advertising Cookie Opt-Out (TACO): optout@dubfire.net - c:\program files (x86)\Mozilla Firefox\extensions\optout@dubfire.net

FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

FF - Ext: Update Notifier: {95f24680-9e31-11da-a746-0800200c9a66} - c:\program files (x86)\Mozilla Firefox\extensions\{95f24680-9e31-11da-a746-0800200c9a66}

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - c:\program files (x86)\Mozilla Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - c:\program files (x86)\Mozilla Firefox\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

FF - Ext: XHTML Mobile Profile: {8ea9957e-2953-402f-80e0-bceb5f169d6f} - %profile%\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}

FF - Ext: wmlbrowser: {c4dc572a-3295-40eb-b30f-b54aa4cdc4b7} - %profile%\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}

FF - Ext: EWOQ Mobile Setup extension: {f035aa18-ee32-4e6e-81d2-57e32867f8a7} - %profile%\extensions\{f035aa18-ee32-4e6e-81d2-57e32867f8a7}

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files (x86)\AVG\AVG2012\Firefox

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - c:\program files (x86)\Fiddler2\FiddlerHook

FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-3997576125-1133855517-1033892153-1000\Software\SecuROM\License information*]

"datasecu"=hex:7f,79,b0,52,45,47,9e,d0,d6,d9,95,bb,a7,ef,f2,ca,65,56,68,29,d2,

cf,c0,00,cb,f3,2f,7f,f2,db,75,25,31,ec,3c,9e,3f,21,3e,f7,27,e6,e7,f0,6b,77,\

"rkeysecu"=hex:b7,86,a4,1d,e9,d1,63,3d,ad,54,a8,46,4c,8b,0d,37

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

.

**************************************************************************

.

Completion time: 2012-05-22 23:39:10 - machine was rebooted

ComboFix-quarantined-files.txt 2012-05-23 06:39

ComboFix2.txt 2012-05-19 18:35

.

Pre-Run: 72,054,411,264 bytes free

Post-Run: 71,979,479,040 bytes free

.

- - End Of File - - 488574A439D060D2D118A9AFBB7CDFA2

Share this post


Link to post
Share on other sites

Is the widgi problem resolved now?

If ESET isn't running please run a full scan with your installed AVG and let me know what was found, if anything.

Share this post


Link to post
Share on other sites

ran a full scan with avg and nothing was found. =/ It doesnt seem to be causing any issues, just dont like seeing it in my startup knowing that it's spyware :P

Share this post


Link to post
Share on other sites

I can imagine that. :) To disable unnecessary startup items you can also use Startup Lite.

ALL CLEAN

--------------

Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

Please do the following to remove the remaining programs from your PC:

  • Delete the tools used during the disinfection:
    • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time. In the run box type combofix /uninstall, then press OK.
      run-box.jpg
    • This will remove Combofix and other tools we used from your computer.

    [*]You can delete any other tool or log by simply deleting them.

Please read the following advice on how to prevent reinfecting your PC:

  1. Install and update the following programs regularly:
    • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    • an Anti-Spyware program
      Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
      SUPERAntiSpyware is another good scanner with high detection and removal rates.
      Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
    • Spyware Blaster
      A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.

[*]Keep Windows (and your other Microsoft software) up to date!

I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

[*]Keep your other software up to date as well

Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.

[*]Stay up to date!

The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

Some more links you might find of interest:

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.

Share this post


Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.