Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

window 7 pop ups

Started by tnn86 , Dec 21 2011 11:40 AM

  • Please log in to reply

#1
tnn86
Posted 21 December 2011 - 11:40 AM

tnn86

    Member

  • Member
  • PipPipPip
  • 110 posts
Hello,

I am starting a new post from the one I posted up on the 13th that was never replied.

On the 13th I kept getting windows 7 internet security pop up saying that I have a virus. I knew it could not be legit because I never recalled downloading windows 7 internet security. The internet was also not working so I had to download OTL from my other computer and putting it on a flash drive to run on the infected laptop. The OTL ran but the text box never showed up.
I posted it on the website and after no reply I checked the laptop again and there were no more pop ups but the internet was still down. So I tried running OTL again this time it worked.

here is the OTL text:

OTL logfile created on: 12/21/2011 11:59:39 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = G:\
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 71.98% Memory free
5.98 Gb Paging File | 5.12 Gb Available in Paging File | 85.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.97 Gb Total Space | 14.66 Gb Free Space | 10.55% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.11 Gb Free Space | 51.12% Space Free | Partition Type: NTFS
Drive F: | 3.68 Gb Total Space | 0.15 Gb Free Space | 4.09% Space Free | Partition Type: FAT32
Drive G: | 3.79 Gb Total Space | 2.46 Gb Free Space | 64.88% Space Free | Partition Type: FAT32

Computer Name: TONY-PC | User Name: Tony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/16 08:22:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2011/07/25 21:18:04 | 001,030,112 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
PRC - [2011/07/15 02:00:16 | 000,797,152 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
PRC - [2011/07/15 02:00:16 | 000,467,424 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie_tray.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/17 15:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/25 03:47:10 | 001,135,104 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
MOD - [2011/07/25 03:29:36 | 000,837,632 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
MOD - [2011/07/25 03:13:54 | 001,305,088 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\Genie.dll
MOD - [2011/07/18 04:22:32 | 001,747,456 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
MOD - [2011/07/18 03:49:22 | 005,945,856 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
MOD - [2011/07/17 21:28:56 | 000,409,088 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_TrafficMeter.dll
MOD - [2011/07/17 20:17:14 | 001,003,520 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
MOD - [2011/07/15 02:00:16 | 000,797,152 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
MOD - [2011/07/15 02:00:16 | 000,467,424 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie_tray.exe
MOD - [2011/07/15 01:56:44 | 000,149,504 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
MOD - [2011/07/14 22:29:18 | 000,270,336 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_FirmwareUpdate.dll
MOD - [2011/07/14 22:19:42 | 000,613,888 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
MOD - [2011/06/23 02:09:24 | 000,495,104 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
MOD - [2011/06/22 03:29:30 | 000,573,952 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
MOD - [2011/06/22 03:29:30 | 000,134,656 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
MOD - [2011/06/21 20:28:18 | 000,116,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
MOD - [2011/06/21 20:28:18 | 000,076,288 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
MOD - [2011/06/21 04:59:36 | 000,467,456 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
MOD - [2011/06/21 04:59:36 | 000,188,416 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Info.dll
MOD - [2011/06/21 04:15:36 | 000,186,368 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
MOD - [2011/06/21 04:14:28 | 000,433,664 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\topologylib.dll
MOD - [2011/06/21 04:14:28 | 000,180,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\ping.dll
MOD - [2011/06/21 04:14:28 | 000,093,184 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\netscanlib.dll
MOD - [2011/06/21 04:14:28 | 000,091,136 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\netbioslib.dll
MOD - [2011/06/21 04:14:28 | 000,089,088 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\pinglib.dll
MOD - [2011/06/21 04:14:28 | 000,076,800 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\netscan.dll
MOD - [2011/06/21 04:14:28 | 000,072,704 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\netbios.dll
MOD - [2011/06/21 03:52:00 | 000,128,512 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_FeedBack.dll
MOD - [2011/06/21 02:43:56 | 009,814,016 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtGui4.dll
MOD - [2011/06/21 02:43:56 | 002,537,472 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtCore4.dll
MOD - [2011/06/21 02:43:56 | 001,140,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtNetwork4.dll
MOD - [2011/06/21 02:43:56 | 000,399,360 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtXml4.dll
MOD - [2011/06/21 02:43:56 | 000,287,232 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg4.dll
MOD - [2011/06/21 02:43:56 | 000,159,232 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtTest4.dll
MOD - [2011/06/21 02:43:56 | 000,083,456 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qico4.dll
MOD - [2011/06/21 02:43:56 | 000,083,456 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qgif4.dll
MOD - [2011/06/21 02:43:56 | 000,043,008 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
MOD - [2011/06/21 02:43:56 | 000,011,362 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\mingwm10.dll
MOD - [2011/02/06 10:32:14 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007/08/18 02:54:28 | 000,380,928 | ---- | M] () -- C:\Windows\System32\ac3filter.acm


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (IHA_MessageCenter)
SRV - [2011/12/13 00:15:46 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/07/25 21:18:04 | 001,030,112 | ---- | M] (NETGEAR) [Auto | Running] -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe -- (NETGEARGenieDaemon)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/10 20:31:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/11/09 17:11:27 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/08 22:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/07/13 08:56:36 | 000,065,640 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2010/04/19 18:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/03/17 15:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 15:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 17:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink ™
DRV - [2009/06/25 15:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 15:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 15:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20111023
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BF 65 F5 E5 3A F6 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://mp3tubetoolba...8cfb84c60a6464e
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search..defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..defaultenginename: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..order.1: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search..selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "Bing"
FF - prefs.js..browser.search.order.1: "Bing"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="

FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Tony\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Tony\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/24 18:50:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/28 15:56:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011/04/28 15:57:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/04/29 13:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/12 21:36:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/12 21:36:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/28 15:56:21 | 000,000,000 | ---D | M]

[2011/04/08 17:22:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Extensions
[2011/12/12 16:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\extensions
[2011/12/12 16:05:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/12/06 10:08:42 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/11/14 15:57:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/10/23 16:31:58 | 000,000,000 | ---D | M] (SmartDeals) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\extensions\[email protected]
[2011/04/08 22:31:58 | 000,002,568 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\searchplugins\askcom.xml
[2011/10/23 16:31:58 | 000,001,945 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\searchplugins\bing-zugo.xml
[2011/08/11 19:16:42 | 000,001,211 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\vamazwbw.default\searchplugins\Mp3Tube.xml
[2011/11/29 16:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/29 16:29:15 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/30 23:08:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2011/08/11 19:16:42 | 000,001,211 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Mp3Tube.xml
[2011/11/29 16:29:15 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========


Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKCU..\Run: [NETGEARGenie] C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B8E4A03-3CE1-468F-8929-C61A65DD52A6}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BB2ABFC-9E17-4F09-BBA5-DABF54D30FD2}: DhcpNameServer = 172.26.38.1 172.26.38.2 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{79588A27-FE72-40A1-B107-B6F3D370187A}: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f68699a7-622f-11e0-a138-00217077dac4}\Shell - "" = AutoRun
O33 - MountPoints2\{f68699a7-622f-11e0-a138-00217077dac4}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = Kbf] -- "C:\Users\Tony\AppData\Local\yhx.exe" -a "%1" %* (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/12/19 18:57:17 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Diagnostics
[2011/12/12 21:29:35 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Users\Tony\AppData\Local\yhx.exe
[2011/12/02 12:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
[2011/12/02 12:21:17 | 000,000,000 | ---D | C] -- C:\Program Files\PKR

========== Files - Modified Within 30 Days ==========

[2011/12/21 12:03:18 | 000,628,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/21 12:03:18 | 000,108,466 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/21 11:58:19 | 000,014,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 11:58:19 | 000,014,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/21 11:49:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/21 11:49:23 | 2408,034,304 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/19 18:45:03 | 000,010,614 | -HS- | M] () -- C:\Users\Tony\AppData\Local\q8ek34q6dk3uce
[2011/12/19 18:45:03 | 000,010,614 | -HS- | M] () -- C:\ProgramData\q8ek34q6dk3uce
[2011/12/12 23:53:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3004916349-4188257596-3473950004-1001UA.job
[2011/12/12 23:17:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/12 18:17:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/10 21:43:27 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3004916349-4188257596-3473950004-1001Core.job
[2011/12/02 12:21:17 | 000,001,767 | ---- | M] () -- C:\Users\Public\Desktop\Play PKR Lite.lnk
[2011/12/02 12:21:17 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Play PKR.lnk
[2011/11/21 16:19:29 | 000,111,316 | ---- | M] () -- C:\Users\Tony\Desktop\password to all medical.png

========== Files Created - No Company Name ==========

[2011/12/12 21:29:52 | 000,010,614 | -HS- | C] () -- C:\Users\Tony\AppData\Local\q8ek34q6dk3uce
[2011/12/12 21:29:52 | 000,010,614 | -HS- | C] () -- C:\ProgramData\q8ek34q6dk3uce
[2011/12/02 12:21:17 | 000,001,767 | ---- | C] () -- C:\Users\Public\Desktop\Play PKR Lite.lnk
[2011/12/02 12:21:17 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Play PKR.lnk
[2011/11/21 16:19:29 | 000,111,316 | ---- | C] () -- C:\Users\Tony\Desktop\password to all medical.png
[2011/10/23 16:31:56 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/10/23 16:31:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/21 19:30:51 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/06/13 20:46:35 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/28 15:49:28 | 000,207,001 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010/03/31 19:34:36 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009/09/23 18:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,410,528 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,628,320 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,108,466 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/09/02 23:11:26 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\FrostWire
[2011/05/29 21:01:48 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\LolClient
[2011/05/10 18:47:41 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Softplicity
[2011/04/23 08:43:18 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\TechWizard
[2011/12/21 11:49:43 | 000,017,138 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Please reply to my post this time and help me resolve my issue.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP