Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer with serious issues. [Closed]


  • This topic is locked This topic is locked

#1
The Cool Panda Guy

The Cool Panda Guy

    New Member

  • Member
  • Pip
  • 4 posts
Hi there. My computer has been having issues for awhile now but I could never figure out how to fix it or where to go for help, but then I came across this site. My firefox browser has developed a problem. When I open a new tab it goes to a "conduit" search bar, also "a toolbar download was blocked by mcafee" pops up from time to time and I'm assuming it's a virus. One last thing, my computer has this strange habit when I watch youtube or any type of video, I'll watch a video and have something else open like a forum or even another youtube page and when I switch tabs contents from the previous tab are pasted onto the screen. For example, I'll watch a video, switch to my other tab, and the contents from the last page are displayed even though I changed the tab. "Youtube broadcast yourself" will be on my other tab and will disappear after I scroll up and down continuously.

My computer's only 3 months old and it's already dying. :( help?



OTL.Txt
|
V
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
OTL logfile created on: 8/14/2012 5:35:11 AM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Nick\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.96 Gb Total Physical Memory | 8.78 Gb Available Physical Memory | 73.39% Memory free
23.93 Gb Paging File | 19.97 Gb Available in Paging File | 83.46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1850.72 Gb Total Space | 1788.23 Gb Free Space | 96.62% Space Free | Partition Type: NTFS

Computer Name: NICK-PC | User Name: Nick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/14 05:34:37 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Nick\Downloads\OTL.exe
PRC - [2012/08/02 16:06:28 | 000,173,056 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
PRC - [2012/08/02 12:49:46 | 000,997,408 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe
PRC - [2012/08/02 11:25:10 | 001,027,792 | ---- | M] (iolo technologies, LLC) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2012/07/27 09:37:21 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
PRC - [2012/07/16 02:27:47 | 001,677,856 | ---- | M] (bProtector) -- C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe
PRC - [2012/07/13 17:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/02/18 07:59:28 | 000,282,648 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/02/16 23:33:34 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/21 09:35:24 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/01/21 09:35:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/01/21 09:35:18 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2011/12/29 16:12:06 | 000,158,880 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011/12/26 18:53:00 | 000,076,960 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
PRC - [2011/11/29 18:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 18:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/11/20 20:23:51 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/27 09:37:20 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012/07/16 02:27:47 | 002,008,096 | ---- | M] () -- c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll
MOD - [2012/07/13 17:17:14 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/12 23:16:43 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\33e53ffe7ba7362a2d483ef4ea79bfe3\IAStorUtil.ni.dll
MOD - [2012/06/12 23:12:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/12 23:12:49 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/28 00:36:53 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\acc563eb665e430df4375afb9697a5d9\IAStorCommon.ni.dll
MOD - [2012/05/27 22:00:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/27 22:00:25 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/27 22:00:23 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/27 22:00:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/27 22:00:20 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/27 22:00:17 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/06/22 07:38:04 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/06/11 10:19:14 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/05/25 16:59:02 | 000,210,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/05/25 16:58:32 | 000,199,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/01/10 19:01:52 | 000,627,936 | ---- | M] (Intel® Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/09/22 16:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/02 16:06:28 | 000,173,056 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2012/08/02 11:25:10 | 001,027,792 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2012/07/29 13:18:37 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2012/07/27 09:37:23 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/16 02:27:47 | 001,677,856 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.2.463.83\bProtect.exe -- (bProtector)
SRV - [2012/07/13 17:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/16 10:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2012/01/21 09:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/21 09:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/21 09:35:18 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2011/12/29 16:12:06 | 000,158,880 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2011/12/29 15:53:48 | 000,106,144 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/12/26 18:53:00 | 000,076,960 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011/11/29 18:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/08/25 18:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/26 10:01:28 | 000,082,160 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/06/22 07:38:16 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/06/22 07:36:12 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/06/22 07:34:00 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/06/11 11:59:38 | 010,248,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/06/11 09:26:14 | 000,367,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/16 16:30:57 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/16 16:30:57 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/17 08:25:02 | 000,031,432 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV:64bit: - [2012/04/10 12:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 05:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/01/27 00:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 00:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 00:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/12/29 16:02:50 | 000,548,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/12/29 16:02:24 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/12/29 16:02:12 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/12/29 16:01:42 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/12/29 16:01:24 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/12/29 16:01:12 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/12/29 16:00:54 | 000,110,752 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011/12/29 16:00:42 | 000,338,592 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/12/13 09:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/12/06 04:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/24 00:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/10 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/01 02:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {CFD2041D-3ED7-4510-BCCC-B7934704B569}
IE:64bit: - HKLM\..\SearchScopes\{CFD2041D-3ED7-4510-BCCC-B7934704B569}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {CFD2041D-3ED7-4510-BCCC-B7934704B569}
IE - HKLM\..\SearchScopes\{CFD2041D-3ED7-4510-BCCC-B7934704B569}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.condui...&ctid=CT3227975
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3227975
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {cdf97ee2-ded0-4369-835e-99dd08225fa5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {AE80EF95-4894-464D-8B22-54F2719F0C3D}
IE - HKCU\..\SearchScopes\{AE80EF95-4894-464D-8B22-54F2719F0C3D}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "appbario2 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "appbario2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "appbario2 Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - prefs.js..network.proxy.type: 0

FF - user.js..network.proxy.type: 0
FF - user.js..network.proxy.http: ""
FF - user.js..network.proxy.http_port:
FF - user.js..network.proxy.no_proxies_on: ""

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed.com)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/03 09:19:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/08/14 01:06:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/29 14:26:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.463.83\FirefoxExtension [2012/07/16 02:27:47 | 000,000,000 | ---D | M]

[2012/05/27 13:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\Mozilla\Extensions
[2012/07/25 02:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\o6db83fi.default\extensions
[2012/07/16 02:28:00 | 000,000,000 | ---D | M] (appbario2 Community Toolbar) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\o6db83fi.default\extensions\{cdf97ee2-ded0-4369-835e-99dd08225fa5}
[2012/07/25 02:38:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\o6db83fi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2012/07/08 13:55:38 | 000,000,921 | ---- | M] () -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\o6db83fi.default\searchplugins\bProtect.xml
[2012/07/08 13:55:38 | 000,000,921 | ---- | M] () -- C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\o6db83fi.default\searchplugins\conduit.xml
[2012/07/29 14:26:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/14 01:06:01 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/08/03 09:19:15 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012/07/13 17:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/13 17:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/08/08 21:48:39 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/07/13 17:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.condui...SearchSource=48
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.condui...SearchSource=48
CHR - Extension: No name found = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.2\
CHR - Extension: SiteAdvisor = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2\
CHR - Extension: SiteAdvisor = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: No name found = C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120729134633.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120814010601.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [DelayShred] c:\Program Files\McAfee\MQS\ShrCL.exe ()
O4 - HKLM..\RunOnce: [SMRequiresRestart] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91BBACDE-8A6F-4073-9078-8A4A0CFB0AA6}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22463~1.83\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.463.83\protector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b2c25948-9faf-11e1-ad26-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b2c25948-9faf-11e1-ad26-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AirPortSetup.exe
O34 - HKLM BootExecute: ("autocheck autochk *")
O34 - HKLM BootExecute: (autocheck smrgdf C:\Users\Nick\AppData\Roaming\iolo\)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/13 20:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/12 22:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/08/12 22:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/12 21:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/12 21:55:32 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/12 21:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/12 00:13:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bProtectorForWindows
[2012/08/08 03:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Vizzed
[2012/08/08 03:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vizzed Retro Game Room
[2012/08/08 03:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vizzed
[2012/08/06 23:44:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hide Your IP Address
[2012/08/06 23:44:00 | 000,000,000 | ---D | C] -- C:\Users\Nick\Desktop\Downloads
[2012/08/06 23:43:57 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\GetRightToGo
[2012/08/06 22:51:25 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Malwarebytes
[2012/08/06 22:51:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/03 17:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery
[2012/08/01 13:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/08/01 13:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/08/01 13:32:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/08/01 13:17:21 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\MetaGeek,_LLC
[2012/08/01 13:16:33 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
[2012/08/01 13:16:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MetaGeek
[2012/07/29 14:39:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AirPort
[2012/07/29 13:46:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2012/07/29 13:46:33 | 000,010,248 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2012/07/29 13:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2012/07/29 13:46:32 | 000,487,296 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfefirek.sys
[2012/07/29 13:46:32 | 000,229,528 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeavfk.sys
[2012/07/29 13:46:32 | 000,100,912 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mferkdet.sys
[2012/07/29 13:46:32 | 000,075,936 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfenlfk.sys
[2012/07/29 13:46:32 | 000,065,264 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\cfwids.sys
[2012/07/29 13:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2012/07/29 13:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2012/07/29 13:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2012/07/29 13:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2012/07/29 13:42:14 | 000,177,144 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\mfevtps.exe
[2012/07/29 13:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/07/29 13:38:59 | 000,000,000 | ---D | C] -- C:\mfe
[2012/07/29 13:21:54 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\McAfee
[2012/07/29 12:50:03 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\McAFee TechCheck
[2012/07/29 12:48:54 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\TechCheck
[2012/07/28 02:50:32 | 000,082,160 | ---- | C] (Raxco Software, Inc.) -- C:\Windows\SysNative\drivers\PDFsFilter.sys
[2012/07/16 15:10:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/07/16 02:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/07/16 02:28:08 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/07/16 02:27:58 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Roaming\PerformerSoft
[2012/07/16 02:27:57 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/07/16 02:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/07/16 02:27:56 | 000,000,000 | ---D | C] -- C:\Users\Nick\AppData\Local\Conduit
[2012/07/16 02:27:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/07/16 02:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtectorForWindows
[2012/07/16 02:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/07/16 02:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

========== Files - Modified Within 30 Days ==========

[2012/08/14 05:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/13 20:02:11 | 000,001,830 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2012/08/13 19:49:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012/08/13 18:12:35 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/13 18:12:16 | 000,684,832 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/13 18:12:16 | 000,129,368 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/13 18:07:27 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/13 18:07:27 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/13 18:06:09 | 000,816,078 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/13 18:00:15 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012/08/13 18:00:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/13 18:00:11 | 1044,824,062 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/13 04:43:45 | 000,000,258 | ---- | M] () -- C:\Users\Nick\Documents\cc_20120813_044343.reg
[2012/08/12 23:02:35 | 000,030,898 | ---- | M] () -- C:\Users\Nick\Documents\cc_20120812_230219.reg
[2012/08/12 22:58:18 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/12 21:55:39 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/08 21:28:15 | 000,007,593 | ---- | M] () -- C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
[2012/08/06 23:02:35 | 000,829,736 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/06 12:50:33 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/08/03 01:07:09 | 000,002,221 | ---- | M] () -- C:\Users\Nick\Desktop\System Mechanic.lnk
[2012/08/02 12:45:44 | 000,056,472 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysNative\iolobtdfg.exe
[2012/08/02 12:45:34 | 000,025,072 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysNative\smrgdf.exe
[2012/08/02 11:27:36 | 002,154,576 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysNative\Incinerator64.dll
[2012/08/02 11:27:34 | 002,096,360 | ---- | M] (iolo technologies, LLC) -- C:\Windows\SysWow64\Incinerator32.dll
[2012/08/01 13:16:33 | 000,003,039 | ---- | M] () -- C:\Users\Nick\Desktop\inSSIDer.lnk
[2012/07/29 14:26:22 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/29 13:58:56 | 000,002,421 | ---- | M] () -- C:\Users\Nick\Desktop\AirPort Utility.lnk
[2012/07/29 13:18:34 | 000,103,784 | ---- | M] () -- C:\Users\Nick\GoToAssistDownloadHelper.exe
[2012/07/29 06:50:33 | 000,000,074 | ---- | M] () -- C:\Users\Nick\Desktop\lol - Copy - Copy.vbs
[2012/07/29 06:49:00 | 000,000,073 | ---- | M] () -- C:\Users\Nick\Desktop\arby - Copy.vbs
[2012/07/28 02:49:34 | 000,074,703 | ---- | M] () -- C:\Windows\SysWow64\mfc45.dat
[2012/07/26 10:01:28 | 000,082,160 | ---- | M] (Raxco Software, Inc.) -- C:\Windows\SysNative\drivers\PDFsFilter.sys
[2012/07/16 07:30:52 | 000,000,117 | ---- | M] () -- C:\Users\Nick\Documents\lol - Copy.vbs
[2012/07/16 07:28:41 | 000,000,054 | ---- | M] () -- C:\Users\Nick\Desktop\computer_gender - Copy.vbs

========== Files Created - No Company Name ==========

[2012/08/13 04:43:44 | 000,000,258 | ---- | C] () -- C:\Users\Nick\Documents\cc_20120813_044343.reg
[2012/08/12 23:02:22 | 000,030,898 | ---- | C] () -- C:\Users\Nick\Documents\cc_20120812_230219.reg
[2012/08/12 22:58:18 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/12 21:55:39 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/06 23:02:40 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/08/01 13:16:33 | 000,003,039 | ---- | C] () -- C:\Users\Nick\Desktop\inSSIDer.lnk
[2012/07/29 14:39:03 | 000,002,421 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirPort Utility.lnk
[2012/07/29 14:26:22 | 000,001,144 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/29 14:26:22 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/07/29 13:58:56 | 000,002,421 | ---- | C] () -- C:\Users\Nick\Desktop\AirPort Utility.lnk
[2012/07/29 13:46:43 | 000,001,830 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2012/07/29 13:21:19 | 000,002,164 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2012/07/29 13:18:33 | 000,103,784 | ---- | C] () -- C:\Users\Nick\GoToAssistDownloadHelper.exe
[2012/07/28 02:49:34 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2012/07/16 07:33:04 | 000,000,073 | ---- | C] () -- C:\Users\Nick\Desktop\arby - Copy.vbs
[2012/07/16 07:32:12 | 000,000,117 | ---- | C] () -- C:\Users\Nick\Documents\lol - Copy.vbs
[2012/07/16 07:31:35 | 000,000,074 | ---- | C] () -- C:\Users\Nick\Desktop\lol - Copy - Copy.vbs
[2012/06/17 03:34:42 | 000,007,593 | ---- | C] () -- C:\Users\Nick\AppData\Local\Resmon.ResmonCfg
[2012/06/11 09:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/06/11 09:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/30 16:41:01 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012/05/16 16:20:25 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/05/16 15:08:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/10 16:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/10 18:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/02/10 09:10:51 | 000,829,736 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/08/06 23:44:21 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\GetRightToGo
[2012/08/13 18:03:07 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\iolo
[2012/05/27 17:02:16 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\PCDr
[2012/07/16 02:30:09 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\PerformerSoft
[2012/07/29 12:50:03 | 000,000,000 | ---D | M] -- C:\Users\Nick\AppData\Roaming\TechCheck
[2012/08/13 18:00:15 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012/08/13 19:49:01 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012/08/06 12:50:33 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/06/30 14:27:44 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/17 16:22:19 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/08/07 21:58:38 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?) -- C:\Windows\SysNative\토
[2012/08/07 21:58:38 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?) -- C:\Windows\SysNative\토

< End of report >
  • 0

Advertisements


#2
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

Step 1

Run OTL
  • Click the Run Fix button at the top
  • It will ask you for a Fix file, chose the Attached Fix file.
  • Click Run Fix
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2

Update MalwareBytes AntiMalware and Run a Quick Scan.
Post the log it produces


Things I would like to see in your reply:
  • OTL log
  • MBAM log

Attached Files

  • Attached File  Fix.txt   4.43KB   32 downloads

  • 0

#3
The Cool Panda Guy

The Cool Panda Guy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Alright I added everything in. Just one question. Is system mechanic good to use for your computer?

Attached Files


  • 0

#4
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
what are your current problems ?
  • 0

#5
The Cool Panda Guy

The Cool Panda Guy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Not sure if it's malware related but the text from one tab carrying over to the other is an eye sore but not a big deal. Other than that.. it's just slower than it used to be. WAY slower. The damage is probably permanent. Thanks for the help =). It's definitely improved my computers performance.
  • 0

#6
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
hi

when you first ran OTL scan it produced another log, it should be in the location of OTL.txt its called Extras.txt please post that.

if you do not find this file, open OTL and check the box next to Extras and click Run Scan then post the logs.
  • 0

#7
The Cool Panda Guy

The Cool Panda Guy

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Alright. It was deleted somehow but I rescanned my computer with OTL and got it.

Attached Files


  • 0

#8
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
you might want to check your installed program and see uninstall/remove what you don't need and reinstall programs you are having problems with.
  • 0

#9
ali.B

ali.B

    Trusted Helper

  • Malware Removal
  • 3,086 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP