sands00

November 14, 2013

Isn't this posted already above ur message .I know I ran it

November 14, 2013

can u post the otlfix so i can download it.

November 14, 2013

OTL logfile created on: 11/14/2013 12:57:52 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\v'cxxv'cv'cxxv'cv'cv\Documents\Downloads
64bit-Windows XP Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 61.06% Memory free
7.61 Gb Paging File | 5.85 Gb Available in Paging File | 76.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.98 Gb Total Space | 409.46 Gb Free Space | 90.19% Space Free | Partition Type: NTFS

Computer Name: -PC | User Name: v'cxxv'cv'cxxv'cv'cv | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/14 12:57:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\My Documents\Downloads\OTL.com
PRC - [2013/10/20 08:33:11 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/10/09 09:11:16 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/05 10:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2009/12/09 18:21:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/12/09 18:21:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

MOD - [2013/10/20 08:33:11 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/10/09 09:11:16 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/28 14:30:28 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/28 17:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2013/10/20 08:33:11 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/09 09:11:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/09 18:21:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/09 18:21:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/06 11:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/03/31 16:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/03/10 20:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/04 19:53:00 | 000,075,816 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/02/20 10:24:34 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/02/10 17:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/01 12:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/01/15 14:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/11/06 14:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 17:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 10:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/22 19:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {E0988084-C67F-4934-AD30-8C23E0BC6B76}
IE:64bit: - HKLM\..\SearchScopes\{E0988084-C67F-4934-AD30-8C23E0BC6B76}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{A9D8E67A-9BEE-4F9B-9027-327EE8236F45}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/
IE - HKCU\..\SearchScopes,DefaultScope = {A9D8E67A-9BEE-4F9B-9027-327EE8236F45}
IE - HKCU\..\SearchScopes\{A9D8E67A-9BEE-4F9B-9027-327EE8236F45}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF_enUS534
IE - HKCU\..\SearchScopes\{F59515E6-EA5F-4EB8-93D6-C34735898DE9}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: firefox%40batbrowse.com:1.0.0
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.47
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/04/30 01:40:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Extensions
[2013/11/14 08:34:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\extensions
[2013/10/29 11:55:58 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\extensions\ScorpionSaver@jetpack
[2013/11/11 14:45:45 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\extensions\[email protected]
[2013/11/11 14:45:45 | 000,000,000 | ---D | M] (WordExtra) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\extensions\[email protected]
[2013/11/13 21:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\pseih4rn.default-1382107281861\extensions
[2013/10/29 10:58:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\pseih4rn.default-1382107281861\extensions\ScorpionSaver@jetpack
[2013/10/29 12:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\pseih4rn.default-1382107281861\extensions\staged
[2013/11/11 14:45:44 | 000,000,000 | ---D | M] (WordExtra) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\pseih4rn.default-1382107281861\extensions\[email protected]
[2013/10/22 14:29:14 | 000,007,817 | ---- | M] () (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\extensions\[email protected]
[2013/11/14 08:34:29 | 000,477,497 | ---- | M] () (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\extensions\[email protected]
[2013/10/22 14:29:14 | 000,007,817 | ---- | M] () (No name found) -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\pseih4rn.default-1382107281861\extensions\[email protected]
[2013/11/08 10:04:59 | 000,002,568 | ---- | M] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\searchplugins\aol-search.xml
[2013/11/14 08:34:28 | 000,002,544 | ---- | M] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\searchplugins\ask-search.xml
[2013/10/29 12:38:34 | 000,003,746 | ---- | M] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\searchplugins\safeguard-secure-search.xml
[2013/11/13 07:39:44 | 000,001,102 | ---- | M] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Mozilla\Firefox\Profiles\drkjuegq.default-1372979702731\searchplugins\sweetpacks-a5-customized-web-search.xml
[2013/11/12 18:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/11/12 18:46:57 | 000,000,000 | ---D | M] () -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/11/12 18:46:57 | 000,000,000 | ---D | M] (WordExtra) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/11/12 18:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/12 18:47:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/12 18:46:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/11/12 18:46:57 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohhkpbcblcpnaghfmnkfangnkkagacg\1.8.2.0_0\
CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.47_0\
CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.6.0.27_0\
CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\
CHR - Extension: No name found = C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\

O1 HOSTS File: ([2013/11/14 11:16:55 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ToshibaAppPlace] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe (Toshiba)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.25.5.61 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{035763F2-93BA-4163-BBA3-93ABDC6EEE87}: DhcpNameServer = 24.25.5.61 8.8.8.8
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/14 11:25:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/11/14 11:23:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/11/14 11:23:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/11/14 11:23:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/11/14 11:23:42 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/11/14 11:22:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/14 11:22:15 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/11/14 11:22:13 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/11/14 11:14:47 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Desktop\RK_Quarantine
[2013/11/14 10:40:44 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2013/11/14 10:40:44 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Sun
[2013/11/14 08:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2013/11/14 08:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2013/11/14 08:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/11/13 22:41:33 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Malwarebytes
[2013/11/13 22:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/13 22:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/13 22:38:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/11/13 22:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/13 22:18:18 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/11/13 21:28:40 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013/11/13 21:28:39 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/13 21:28:29 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013/11/13 21:28:29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2013/11/13 21:28:28 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/13 21:27:49 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013/11/13 21:07:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/13 20:09:04 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2013/11/13 20:09:04 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013/11/13 20:09:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2013/11/13 20:09:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2013/11/13 20:09:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2013/11/13 19:59:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/11/13 19:59:52 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/11/13 19:59:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/11/13 19:59:50 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/11/13 19:59:50 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/11/13 19:59:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/11/13 19:59:50 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/11/13 19:59:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/11/13 19:59:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/11/13 19:59:49 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/11/13 19:59:49 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/11/13 19:59:48 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/11/13 19:59:48 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/11/13 19:59:48 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/11/13 19:59:48 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/11/13 19:58:21 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013/11/13 19:58:15 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2013/11/13 19:58:15 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2013/11/13 19:58:14 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2013/11/13 19:58:14 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2013/11/10 09:29:17 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\WordExtra
[2013/11/10 09:26:19 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Documents\Downloads
[2013/10/29 21:51:07 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Documents\Symantec
[2013/10/29 16:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/29 14:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vafmusic4
[2013/10/29 14:31:33 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Uniblue
[2013/10/29 14:31:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2013/10/29 12:47:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Level Quality Watcher
[2013/10/29 12:46:34 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Programs
[2013/10/29 12:39:10 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Documents\Mobogenie
[2013/10/29 12:39:10 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Mobogenie
[2013/10/29 12:39:10 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\cache
[2013/10/29 12:38:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobogenie
[2013/10/29 12:38:26 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\AVG SafeGuard toolbar
[2013/10/29 12:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
[2013/10/29 12:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/10/29 12:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2013/10/29 12:28:26 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\Toshiba Corporation
[2013/10/29 12:09:25 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NSTx64
[2013/10/29 12:09:25 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\NSTx64\7DE06000.01B
[2013/10/29 12:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Identity Safe
[2013/10/29 10:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScorpionSaver
[2013/10/29 10:57:15 | 000,000,000 | ---D | C] -- C:\temp
[2013/10/29 10:54:43 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Local\NativeMessaging
[2013/10/22 08:02:43 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2013/10/22 08:02:43 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2013/10/20 09:06:02 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2013/10/20 08:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/10/19 14:37:47 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2013/10/19 14:37:45 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013/10/19 14:37:45 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2013/10/19 14:37:44 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2013/10/19 14:37:44 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2013/10/19 14:37:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2013/10/19 14:37:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2013/10/19 14:37:43 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2013/10/19 14:37:43 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2013/10/19 14:37:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2013/10/19 14:37:43 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2013/10/19 14:37:43 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2013/10/19 14:37:39 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/10/19 14:37:38 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2013/10/19 14:37:37 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/10/19 14:37:37 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/10/19 14:37:37 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/10/19 14:37:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2013/10/19 14:37:37 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2013/10/19 14:37:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/10/19 14:37:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/10/19 14:37:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/10/19 14:37:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/10/19 14:37:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/10/19 14:37:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/10/19 14:34:27 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/19 14:34:27 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/19 14:32:51 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2013/10/18 20:06:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/10/18 19:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
[2013/10/18 19:54:12 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Documents\Flash Player Pro
[2013/10/18 19:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flash Player Pro
[2013/10/18 18:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/18 09:41:27 | 000,000,000 | ---D | C] -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Desktop\Old Firefox Data-1
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/14 12:48:59 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/14 12:47:35 | 000,726,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/11/14 12:47:35 | 000,624,178 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/11/14 12:47:35 | 000,106,522 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/11/14 12:46:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/11/14 12:08:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/11/14 12:01:22 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/14 12:01:22 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/14 11:54:36 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/14 11:54:11 | 3063,033,856 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/14 11:16:55 | 000,000,741 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/11/13 23:14:26 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/03 21:19:13 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/10/29 12:49:50 | 000,000,404 | ---- | M] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Desktop\FREE Games.url
[2013/10/29 12:38:20 | 000,003,746 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/10/20 09:57:32 | 000,001,266 | ---- | M] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Desktop\Norton Installation Files.lnk
[2013/10/19 09:20:26 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/14 11:23:47 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/11/14 11:23:47 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/11/14 11:23:47 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/11/14 11:23:47 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/11/14 11:23:47 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/11/13 22:38:30 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/29 12:49:50 | 000,000,404 | ---- | C] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Desktop\FREE Games.url
[2013/10/29 12:38:10 | 000,003,746 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/10/20 09:06:02 | 000,001,266 | ---- | C] () -- C:\Users\v'cxxv'cv'cxxv'cv'cv\Desktop\Norton Installation Files.lnk
[2013/10/19 09:20:26 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/10/19 09:20:24 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

can't believe i got it

November 14, 2013

I haven't found anything else to run. Let me know what u need. I know u wish u had never heard of me. I am so blessed and thankful for your help.

November 14, 2013

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by v'cxxv'cv'cxxv'cv'cv on Wed 11/13/2013 at 22:18:19.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FE184143-F1A0-4252-9626-4E9273E3832C}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

Successfully deleted: [File] "C:\Users\v'cxxv'cv'cxxv'cv'cv\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\Users\v'cxxv'cv'cxxv'cv'cv\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\Users\v'cxxv'cv'cxxv'cv'cv\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"
Successfully deleted: [Folder] "C:\Program Files (x86)\social privacy"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"

~~~ FireFox

Successfully deleted: [Folder] C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\mozilla\firefox\profiles\drkjuegq.default-1372979702731\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Emptied folder: C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\mozilla\firefox\profiles\drkjuegq.default-1372979702731\minidumps [21 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/13/2013 at 22:30:38.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

couldn't get the last log. reran it again and it still didn 't come up.

November 14, 2013

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by v'cxxv'cv'cxxv'cv'cv on Wed 11/13/2013 at 22:18:19.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FE184143-F1A0-4252-9626-4E9273E3832C}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"

~~~ Files

Successfully deleted: [File] "C:\Users\v'cxxv'cv'cxxv'cv'cv\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\Users\v'cxxv'cv'cxxv'cv'cv\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\Users\v'cxxv'cv'cxxv'cv'cv\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"
Successfully deleted: [Folder] "C:\Program Files (x86)\social privacy"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"

~~~ FireFox

Successfully deleted: [Folder] C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\mozilla\firefox\profiles\drkjuegq.default-1372979702731\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Emptied folder: C:\Users\v'cxxv'cv'cxxv'cv'cv\AppData\Roaming\mozilla\firefox\profiles\drkjuegq.default-1372979702731\minidumps [21 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/13/2013 at 22:30:38.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

November 14, 2013

thank u

November 14, 2013

thin k i found it.

November 14, 2013

do u have it now

November 14, 2013

norton error fix 3043,1000

ips definition failed

the required .net framework is not found-

search.conduit.com please remove

gfxui not working

toshiba app place has stopped working --Smart audio II appl terminated

I have to keep refreshing when I'm in a site.

I have to go to restore recovery about every 45 moinutes

Sign In

sands00

Content Count

Joined

Last visited

Content Type

Profiles

Forums

Calendar

Posts posted by sands00

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

remove mess on computer and add whar is needed

Browse

Activity