Cloudfront.net redirect [Closed]


  • This topic is locked

#1
dl9796

  • Member
  • 109 posts
Hello,

I am getting redirected to cloudfront.net when browsing the internet. I ran mbam. Here is my OTL log. Thanks:

OTL logfile created on: 5/9/2013 1:04:20 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jack\Desktop\Virsu Utilities
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.83 Mb Total Physical Memory | 257.13 Mb Available Physical Memory | 28.73% Memory free
2.01 Gb Paging File | 0.66 Gb Available in Paging File | 32.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111.69 Gb Total Space | 58.04 Gb Free Space | 51.96% Space Free | Partition Type: NTFS
Drive D: | 111.43 Gb Total Space | 111.34 Gb Free Space | 99.92% Space Free | Partition Type: NTFS

Computer Name: JACK-PC | User Name: Jack | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/09 13:03:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\Virsu Utilities\OTL.exe
PRC - [2013/05/08 16:22:48 | 000,022,528 | ---- | M] () -- C:\Program Files\DnsBasic\dnsbasic.exe
PRC - [2013/04/23 03:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/04/23 03:48:17 | 004,171,104 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013/04/23 03:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/04/23 03:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
PRC - [2013/04/09 04:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2012/12/04 21:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.2.1.22\ccsvchst.exe
PRC - [2012/09/17 12:41:58 | 000,508,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/03/14 06:48:58 | 003,051,619 | ---- | M] (Logitech Inc.) -- C:\Program Files\Squeezebox\SqueezeTray.exe
PRC - [2010/09/03 02:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2010/03/17 16:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/03 09:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/06/21 21:33:20 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2007/06/20 04:56:16 | 004,493,312 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/05 07:07:46 | 000,548,864 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe
PRC - [2007/05/31 19:35:20 | 000,326,440 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007/04/29 22:57:42 | 000,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2300 Series\ezprint.exe
PRC - [2007/04/29 22:55:32 | 000,205,744 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
PRC - [2007/04/29 22:54:44 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcgcoms.exe
PRC - [2007/04/25 19:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/04/25 19:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007/04/16 21:48:12 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007/02/09 09:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/01/30 12:02:28 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files\FinePixViewerS\QuickDCF2.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/08 19:12:22 | 000,897,024 | ---- | M] () -- C:\Program Files\DnsBasic\dnsbasic.dll
MOD - [2013/05/08 16:41:35 | 000,024,701 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\93e7e3d6030f426844228042348210cf\Service.dll
MOD - [2013/05/08 16:41:33 | 000,184,414 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\bd5179a413bc0c4b82eedc22c6cab101\re.dll
MOD - [2013/05/08 16:41:32 | 000,053,340 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
MOD - [2013/05/08 16:41:30 | 000,094,334 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\eb138ef0e4282611dbf485a302784646\LibYAML.dll
MOD - [2013/05/08 16:41:28 | 000,061,540 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\e56c61f7248672819579325af3387035\POSIX.dll
MOD - [2013/05/08 16:41:27 | 000,024,676 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
MOD - [2013/05/08 16:41:26 | 000,082,033 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
MOD - [2013/05/08 16:41:25 | 000,020,590 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
MOD - [2013/05/08 16:41:24 | 000,036,964 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\f233f63b6654362865c7577442edb9e3\Win32.dll
MOD - [2013/05/08 16:41:24 | 000,020,576 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
MOD - [2013/05/08 16:41:23 | 000,082,048 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
MOD - [2013/05/08 16:41:22 | 000,118,918 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
MOD - [2013/05/08 16:41:21 | 000,028,779 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
MOD - [2013/05/08 16:41:21 | 000,020,601 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\4461f48e31bde5c56b31b973b773de09\List.dll
MOD - [2013/05/08 16:41:20 | 000,024,701 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
MOD - [2013/05/08 16:41:19 | 000,032,878 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
MOD - [2013/05/08 16:41:18 | 000,024,679 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
MOD - [2013/05/08 16:41:17 | 000,028,774 | R--- | M] () -- C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
MOD - [2013/04/09 04:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 04:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 04:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 04:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/02/13 04:52:20 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
MOD - [2013/01/09 13:12:43 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll
MOD - [2013/01/09 13:09:26 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/09 13:04:42 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/09 13:04:13 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/05/31 19:35:20 | 000,326,440 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2007/04/25 19:31:00 | 000,028,672 | ---- | M] () -- C:\Windows\System32\BatchCrypto.dll
MOD - [2007/04/25 19:30:44 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2007/03/05 09:22:02 | 000,081,920 | ---- | M] () -- C:\Program Files\FinePixViewerS\wia_register_event.dll
MOD - [2005/12/13 15:52:02 | 000,122,880 | ---- | M] () -- C:\Program Files\Lexmark 2300 Series\lxcgdrec.dll
MOD - [2005/06/14 17:08:28 | 000,196,608 | ---- | M] () -- C:\Program Files\Lexmark 2300 Series\iptk.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Users\Jack\AppData\Roaming\Yontoo\YontooDesktop.exe -- (Yontoo Desktop Updater)
SRV - [2013/05/08 18:59:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/08 16:22:48 | 000,022,528 | ---- | M] () [Auto | Running] -- C:\Program Files\DnsBasic\dnsbasic.exe -- (DnsBasic Service)
SRV - [2013/04/23 03:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/10 02:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/08 05:36:56 | 000,032,808 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV - [2012/12/04 21:40:03 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe -- (NIS)
SRV - [2010/09/03 02:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/21 21:33:20 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2007/04/29 22:54:44 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcgcoms.exe -- (lxcg_device)
SRV - [2007/04/25 19:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/04/16 21:48:12 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007/02/13 09:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/01/16 12:02:08 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130123.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/01/16 12:02:08 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130123.023\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/15 22:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20130116.013\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/01/09 12:22:27 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/01/08 20:40:38 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20130123.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/10/08 21:00:02 | 000,586,400 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\NIS\1402010.016\srtsp.sys -- (SRTSP)
DRV - [2012/10/03 21:40:35 | 000,927,904 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1402010.016\symefa.sys -- (SymEFA)
DRV - [2012/10/03 21:40:20 | 000,368,288 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1402010.016\symds.sys -- (SymDS)
DRV - [2012/09/06 22:05:14 | 000,350,368 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402010.016\symtdiv.sys -- (SYMTDIv)
DRV - [2012/09/06 21:48:08 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402010.016\ironx86.sys -- (SymIRON)
DRV - [2012/09/06 21:40:51 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402010.016\srtspx.sys -- (SRTSPX)
DRV - [2012/08/20 15:49:49 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1402010.016\ccsetx86.sys -- (ccSet_NIS)
DRV - [2012/08/08 23:36:36 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/06/05 07:08:56 | 000,454,520 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SISGRKMD.sys -- (SiS6350)
DRV - [2007/01/24 05:08:06 | 000,056,184 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2007/01/22 04:09:08 | 000,046,592 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2006/12/07 21:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/08 03:02:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2006/11/02 03:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C252D1A9B}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
IE - HKLM\..\URLSearchHook: {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0F954013-F85A-429F-9AD4-F43C58862B2E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=TB50TRie7
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rchTerms}&crm=1
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C252D1A9B}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=79
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0F954013-F85A-429F-9AD4-F43C58862B2E}
IE - HKCU\..\SearchScopes\{05388F34-5729-4C34-B576-C18831E5D523}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=TB50TRie7
IE - HKCU\..\SearchScopes\{0F954013-F85A-429F-9AD4-F43C58862B2E}: "URL" = http://search.condui...2887491684&UM=2
IE - HKCU\..\SearchScopes\{231B6DD3-B146-49C0-8297-52D202B237F4}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{2D1F87F5-4B54-459C-837F-ABAFD00378CC}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A}: "URL" = http://www.dnsbasic....s={searchTerms}
IE - HKCU\..\SearchScopes\{727FD5D9-964B-4B72-AA94-59409A0945B3}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\..\SearchScopes\{9923F804-4888-473C-A797-CC4F7D36643F}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...q={SEARCHTERMS}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rchTerms}&crm=1
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....=chr-acer&type=
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C252D1A9B}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..keyword.URL: "http://start.sweetpa...1C252D1A9B}&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ [2013/02/28 15:07:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFFPlgn\ [2013/01/09 13:08:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/06 13:01:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/08 19:07:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/08 18:46:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\UnfriendApp\Firefox\ [2013/02/12 00:55:34 | 000,000,000 | ---D | M]

[2008/12/26 07:20:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Extensions
[2008/09/15 16:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\extensions
[2008/09/15 16:34:58 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2013/05/08 19:13:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions
[2012/03/06 18:08:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/05/08 18:48:10 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/04/18 21:17:03 | 000,000,000 | ---D | M] (WhiteSmoke New Community Toolbar) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2013/04/06 13:00:57 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2013/04/09 13:47:46 | 000,000,000 | ---D | M] (MixiDJ V5 Community Toolbar) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a}
[2013/04/06 13:26:41 | 000,001,720 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\searchplugins\sweetim.xml
[2013/05/08 19:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/05/08 18:46:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/05/08 19:12:26 | 000,000,000 | ---D | M] (DnsBasic) -- C:\Program Files\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[2012/08/08 11:46:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/11/02 11:39:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\JACK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5ZLX07CF.DEFAULT\EXTENSIONS\[email protected]
[2013/04/10 02:58:33 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/04/10 02:57:54 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/04/10 02:57:54 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U37 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.370.6 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - Extension: Google Docs = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Docs = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Search = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: UnfriendApp = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.5.65267_0\
CHR - Extension: Gmail = C:\Users\Jack\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (LessTabs) - {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files\LessTabs\IE32\LessTabsClientIE.dll (LessTabs)
O2 - BHO: (UnfriendApp) - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files\UnfriendApp\IE\common.dll (UnfriendApp)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.2.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (MixiDJ V5 Toolbar) - {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.2.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (MixiDJ V5 Toolbar) - {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V5 Toolbar) - {F6F0F973-A4A3-48CF-9A7A-B7A69C30D71A} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [LXCGCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL ()
O4 - HKLM..\Run: [lxcgmon.exe] C:\Program Files\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SiSTray] C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Acer Tour Reminder] File not found
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_CURRENT_USER\Software\SearchProtect /f File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O8 - Extra context menu item: &AIM Search - c:\Program Files\AOL\AIM Toolbar 5.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.242.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{78665C2D-46DF-4788-BFC2-B06EFD46D2C3}: DhcpNameServer = 192.168.1.1 71.242.0.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0c11747e-5d22-11e2-b4fc-001c252d1a9b}\Shell - "" = AutoRun
O33 - MountPoints2\{0c11747e-5d22-11e2-b4fc-001c252d1a9b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/09 13:02:41 | 000,000,000 | ---D | C] -- C:\Users\Jack\Desktop\Virsu Utilities
[2013/05/08 19:11:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/05/08 19:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DnsBasic
[2013/05/08 19:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\DnsBasic
[2013/05/08 18:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/05/08 18:46:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/05/08 16:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2013/05/08 16:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/05/08 16:21:56 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Google
[2013/05/08 16:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/05/08 15:00:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/05/08 12:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/05/08 12:49:06 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/05/08 12:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/04/18 21:19:21 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\SwvUpdater
[2013/04/18 21:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\LessTabs
[2013/04/13 13:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/04/13 13:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/04/13 13:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/04/13 13:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/04/09 13:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/04/09 13:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\MixiDJ_V5
[2013/04/09 13:49:17 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Conduit
[2013/04/09 13:48:42 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2013/04/09 13:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2013/04/09 13:47:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Pro
[2013/04/09 13:47:40 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Yontoo
[2013/04/09 13:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2013/04/09 13:47:34 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Driver Pro
[2013/04/09 13:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Pro
[2013/04/09 13:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/05/09 12:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/09 12:39:41 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/09 12:39:41 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/09 12:27:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/08 19:10:02 | 000,000,000 | ---- | M] () -- C:\ProgramData\2228303f42223a_c
[2013/05/08 18:46:46 | 000,000,874 | ---- | M] () -- C:\Users\Jack\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/05/08 18:46:46 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/05/08 18:24:15 | 000,217,736 | ---- | M] () -- C:\Users\Jack\Documents\cc_20130508_182354.reg
[2013/05/08 17:03:34 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/05/08 16:40:59 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/08 16:40:11 | 000,297,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/08 16:39:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/08 16:39:26 | 939,057,152 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/08 16:26:08 | 000,640,408 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/08 16:26:07 | 000,118,660 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/08 16:24:12 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/08 12:51:17 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/18 21:19:15 | 000,000,009 | ---- | M] () -- C:\END
[2013/04/13 13:25:03 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/04/09 17:08:11 | 001,678,459 | ---- | M] () -- C:\Users\Jack\Desktop\TY 2013 extension.pdf
[2013/04/09 16:41:20 | 000,002,281 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2013/04/09 13:48:42 | 000,000,888 | ---- | M] () -- C:\Users\Jack\Desktop\MyPC Backup.lnk
[2013/04/09 13:47:42 | 000,000,827 | ---- | M] () -- C:\Users\Jack\Desktop\Driver Pro.lnk
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/05/08 19:10:02 | 000,000,000 | ---- | C] () -- C:\ProgramData\2228303f42223a_c
[2013/05/08 18:46:46 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/05/08 18:24:02 | 000,217,736 | ---- | C] () -- C:\Users\Jack\Documents\cc_20130508_182354.reg
[2013/05/08 16:32:23 | 000,000,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013/05/08 16:32:23 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013/05/08 16:24:12 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/08 16:22:11 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/08 16:22:07 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/08 12:49:09 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/13 13:25:03 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/04/09 17:08:11 | 001,678,459 | ---- | C] () -- C:\Users\Jack\Desktop\TY 2013 extension.pdf
[2013/04/09 13:48:42 | 000,000,888 | ---- | C] () -- C:\Users\Jack\Desktop\MyPC Backup.lnk
[2013/04/09 13:47:42 | 000,000,827 | ---- | C] () -- C:\Users\Jack\Desktop\Driver Pro.lnk
[2013/04/09 13:47:26 | 000,000,009 | ---- | C] () -- C:\END
[2011/01/04 20:24:36 | 000,001,940 | ---- | C] () -- C:\Users\Jack\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2008/04/01 14:39:12 | 000,032,071 | ---- | C] () -- C:\Users\Jack\John MULLEN 2007 Tax Return.T07
[2007/10/12 19:08:13 | 000,000,104 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\wklnhst.dat
[2007/10/12 19:07:20 | 000,003,584 | ---- | C] () -- C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008/08/01 18:41:24 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\acccore
[2007/10/12 16:59:57 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Acer
[2013/04/09 13:48:27 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Driver Pro
[2013/04/27 13:02:50 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\FUJIFILM
[2007/10/12 16:59:56 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Leadertech
[2013/04/06 13:06:26 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\player
[2012/03/06 18:05:42 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\TaxCut
[2013/05/08 16:36:36 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\TechWizard
[2007/10/12 19:08:15 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Template
[2013/01/09 02:47:56 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Tific
[2013/05/08 19:13:46 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Yontoo

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, on completion of this could you let me know if the redirects cease?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
SRV - [2013/05/08 16:22:48 | 000,022,528 | ---- | M] () [Auto | Running] -- C:\Program Files\DnsBasic\dnsbasic.exe -- (DnsBasic Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Users\Jack\AppData\Roaming\Yontoo\YontooDesktop.exe -- (Yontoo Desktop Updater)
SRV - [2013/02/28 13:37:14 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...F-001C252D1A9B}
IE - HKLM\..\URLSearchHook: {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0F954013-F85A-429F-9AD4-F43C58862B2E}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C252D1A9B}
IE - HKCU\..\SearchScopes\{0F954013-F85A-429F-9AD4-F43C58862B2E}: "URL" = http://search.condui...2887491684&UM=2
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...F-001C252D1A9B}
[2013/05/08 19:12:26 | 000,000,000 | ---D | M] (DnsBasic) -- C:\Program Files\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://start.sweetpacks.com/?src=2&st=12&barid={5DC78F10-9EDB-11E2-888F-001C252D1A9B}&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/04/06 13:01:04 | 000,000,000 | ---D | M]
[2013/04/18 21:17:03 | 000,000,000 | ---D | M] (WhiteSmoke New Community Toolbar) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2013/04/06 13:00:57 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2013/04/09 13:47:46 | 000,000,000 | ---D | M] (MixiDJ V5 Community Toolbar) -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\extensions\{f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a}
[2013/04/06 13:26:41 | 000,001,720 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\Mozilla\Firefox\Profiles\5zlx07cf.default\searchplugins\sweetim.xml
File not found (No name found) -- C:\USERS\JACK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5ZLX07CF.DEFAULT\EXTENSIONS\[email protected]
O2 - BHO: (Updater By SweetPacks) - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll ()
O2 - BHO: (MixiDJ V5 Toolbar) - {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MixiDJ V5 Toolbar) - {f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V5 Toolbar) - {F6F0F973-A4A3-48CF-9A7A-B7A69C30D71A} - C:\Program Files\MixiDJ_V5\prxtbMix0.dll (Conduit Ltd.)
[2013/05/08 19:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DnsBasic
[2013/05/08 19:09:47 | 000,000,000 | ---D | C] -- C:\Program Files\DnsBasic
[2013/04/18 21:19:21 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\SwvUpdater
[2013/04/09 13:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/04/09 13:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\MixiDJ_V5
[2013/04/09 13:49:17 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Local\Conduit
[2013/04/09 13:47:40 | 000,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\Yontoo
[2013/04/09 13:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2013/04/09 13:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/05/08 19:10:02 | 000,000,000 | ---- | M] () -- C:\ProgramData\2228303f42223a_c
[2013/05/08 19:13:46 | 000,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Yontoo

:Files
C:\Program Files\DnsBasic
C:\Program Files\Updater By SweetPacks
C:\Users\Jack\AppData\Local\Temp\pdk-Jack-1316

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Once done it will ask to reboot; allow this.
On reboot a log will be produced; please attach that.

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.