Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cant download any files or uninstall programs. [Closed] [Solved]


  • This topic is locked This topic is locked

#31
killurbeer

killurbeer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Tried that, website still keeps crashing.
  • 0

Advertisements


#32
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Andf it is just in IE not Firefox ?

Could you run a fresh OTL scan please and ensure all users is ticked
  • 0

#33
killurbeer

killurbeer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
I tried it with google chrome and it works fine. I'll try mozilla though and run a otl again.
  • 0

#34
killurbeer

killurbeer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
It works with Firefox too.
OTL logfile created on: 10/30/2013 9:07:35 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\STDEEZ\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.93 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 44.02% Memory free
4.10 Gb Paging File | 2.57 Gb Available in Paging File | 62.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.00 Gb Total Space | 62.80 Gb Free Space | 28.29% Space Free | Partition Type: NTFS
Drive D: | 10.88 Gb Total Space | 1.29 Gb Free Space | 11.88% Space Free | Partition Type: NTFS
Drive E: | 4.38 Gb Total Space | 0.01 Gb Free Space | 0.18% Space Free | Partition Type: UDF

Computer Name: STDEEZ-PC | User Name: STDEEZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/16 09:10:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\STDEEZ\Desktop\OTL.exe
PRC - [2013/10/15 11:11:49 | 000,310,352 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2013/08/12 10:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/08/12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/08/12 10:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/07/17 13:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/07/17 13:31:18 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/17 13:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2007/06/27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/16 08:43:12 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/10/15 12:50:38 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/10/15 12:49:56 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f228cc72a6647716127cd44ca416e6dc\PresentationFramework.ni.dll
MOD - [2013/10/15 12:49:18 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2482534bee5c520cdfe9c8f7df6a92f\PresentationCore.ni.dll
MOD - [2013/10/15 12:48:52 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c16ade1485996fa4981edc7df436a15b\WindowsBase.ni.dll
MOD - [2013/09/02 19:33:37 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/09/02 19:31:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/09/02 19:31:17 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e0ade6fc2bcb5fbd4c8978bf92784a3\System.Transactions.ni.dll
MOD - [2013/09/02 19:31:16 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.ni.dll
MOD - [2013/09/02 19:31:16 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.Wrapper.dll
MOD - [2013/09/02 18:36:34 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/09/02 18:36:04 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/09/02 18:35:44 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
MOD - [2013/09/01 22:43:23 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/15 17:19:06 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll
MOD - [2013/07/15 17:18:17 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2012/07/17 13:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/04/10 23:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/10 19:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/29 21:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 21:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/09/30 16:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 16:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 16:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 16:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 16:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 16:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 16:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 16:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/09/23 18:21:22 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll


========== Services (SafeList) ==========

SRV - [2013/10/25 18:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/15 10:26:40 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/08/12 10:12:38 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/08/12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/17 13:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\STDEEZ\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/10/29 09:34:22 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/11 12:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012/06/08 17:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012/06/08 17:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012/06/05 11:04:10 | 000,023,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TuneConvertAudio.sys -- (TuneConvertAudio)
DRV - [2012/06/05 10:36:30 | 000,023,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MusCAudio.sys -- (MusCAudio)
DRV - [2012/01/25 15:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2011/12/22 17:37:35 | 000,075,264 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011/11/08 14:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2010/09/26 20:13:10 | 001,882,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/07/15 17:45:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/01/29 19:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2009/01/20 07:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/10/03 04:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/08/10 18:00:38 | 000,059,904 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/08/10 18:00:32 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/08/10 18:00:30 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/08/10 18:00:28 | 000,033,024 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2008/06/29 07:52:26 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/01/20 19:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/10/17 16:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A28AFCB-D7B6-4628-8EA2-D66964A22F01}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{8214ADD5-AD05-4B67-BD93-C3BB6003BCCF}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes,DefaultScope = {C966D386-7D62-422A-A99B-3ED460520996}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice...Web&orig=IMC-IE
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADBF_en
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{6A28AFCB-D7B6-4628-8EA2-D66964A22F01}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{8214ADD5-AD05-4B67-BD93-C3BB6003BCCF}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheri...q={searchTerms}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{C966D386-7D62-422A-A99B-3ED460520996}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\STDEEZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\STDEEZ\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/06/06 18:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Extensions
[2009/02/22 11:21:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/04/16 18:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\extensions
[2012/04/16 18:05:11 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/05/31 09:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/05/31 09:53:16 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\[email protected]
[2013/10/30 09:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/30 09:05:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms},
CHR - homepage: http://search.yahoo....r=spigot-yhp-ch
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\STDEEZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Users\STDEEZ\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
CHR - Extension: Domain Error Assistant = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
CHR - Extension: 1Click Downloader = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.6_0\
CHR - Extension: Slick Savings = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/10/29 12:21:30 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files\Amazon\Add to Wish List IE Extension\run.htm ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..Trusted Domains: netzero.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...ri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5844C376-CF45-4FF5-B969-91E10F515F79}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\STDEEZ\Pictures\New Folder (2)\35681_132129916815051_100000541309601_259686_7025739_n.jpg
O24 - Desktop BackupWallPaper: C:\Users\STDEEZ\Pictures\New Folder (2)\35681_132129916815051_100000541309601_259686_7025739_n.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/09/09 15:21:46 | 000,000,000 | RH-- | M] () - E:\autorun.wbcat -- [ UDF ]
O32 - AutoRun File - [2013/09/09 15:21:46 | 000,000,127 | ---- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{61031d29-74b6-11e2-9238-001f1658ee8b}\Shell - "" = AutoRun
O33 - MountPoints2\{61031d29-74b6-11e2-9238-001f1658ee8b}\Shell\AutoRun\command - "" = G:\MotorolaDeviceManagerSetup.exe -a
O33 - MountPoints2\{7b45316e-4c56-11e1-af6b-001f1658ee8b}\Shell - "" = AutoRun
O33 - MountPoints2\{7b45316e-4c56-11e1-af6b-001f1658ee8b}\Shell\AutoRun\command - "" = G:\UEZLink.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/30 09:05:43 | 000,000,000 | ---D | C] -- C:\Users\STDEEZ\AppData\Local\Mozilla
[2013/10/30 09:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/10/30 09:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/10/30 09:05:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/10/30 09:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/10/30 07:56:37 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/10/30 07:56:02 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/10/30 07:56:02 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/10/30 07:56:02 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/10/30 07:56:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/30 07:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/29 09:34:22 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/10/28 09:23:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/10/28 09:15:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/10/16 14:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vz In-Home Agent
[2013/10/16 14:51:01 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/10/16 12:13:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/10/16 12:13:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/10/16 12:13:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/10/16 12:10:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/16 12:09:45 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/10/16 10:53:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/16 09:10:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\STDEEZ\Desktop\OTL.exe
[2013/10/16 08:09:53 | 000,000,000 | ---D | C] -- C:\Users\STDEEZ\Desktop\fix
[2013/10/15 12:53:03 | 001,087,213 | ---- | C] (Farbar) -- C:\Users\STDEEZ\Desktop\FRST.exe
[2013/10/15 12:50:53 | 000,000,000 | ---D | C] -- C:\FRST
[2013/10/15 11:51:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/15 10:25:56 | 017,226,632 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013/10/15 10:11:56 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/15 10:11:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/15 10:11:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/15 10:11:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/15 10:11:46 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/15 10:11:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/15 10:11:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/15 10:11:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/09 14:05:09 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/09 14:05:09 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/09 14:05:09 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/09 14:05:09 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/09 14:05:09 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/09 14:05:09 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/09 14:05:09 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/09 14:05:09 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/09 14:05:07 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/09 14:05:06 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 14:05:05 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/09 14:04:52 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/09 14:04:52 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/09 14:04:47 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/09 14:04:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/09 14:00:39 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2009/02/22 11:02:32 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\STDEEZ\AppData\Roaming\pcouffin.sys
[3 C:\Users\STDEEZ\Documents\*.tmp files -> C:\Users\STDEEZ\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/30 09:10:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/30 09:05:39 | 000,000,830 | ---- | M] () -- C:\Users\STDEEZ\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/10/30 09:05:34 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/10/30 09:00:10 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/30 08:24:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/30 08:00:39 | 000,451,565 | ---- | M] () -- C:\Users\STDEEZ\Desktop\JavaRa.def
[2013/10/30 07:55:38 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013/10/30 07:55:29 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013/10/30 07:55:29 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013/10/30 07:55:29 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013/10/30 07:50:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/30 07:47:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/30 07:47:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/30 07:47:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/30 07:47:42 | 2073,255,936 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/30 07:33:06 | 000,274,944 | ---- | M] (SingularLabs) -- C:\Users\STDEEZ\Desktop\JavaRa.exe
[2013/10/29 13:17:02 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/10/29 12:21:30 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/10/29 09:34:22 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/10/28 09:25:26 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/16 14:51:37 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
[2013/10/16 09:10:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\STDEEZ\Desktop\OTL.exe
[2013/10/16 08:13:31 | 000,000,285 | ---- | M] () -- C:\Users\STDEEZ\Desktop\FRST - Shortcut.lnk
[2013/10/15 12:53:09 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/15 12:53:09 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/15 12:46:35 | 000,344,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/15 10:26:34 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/15 10:26:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/10/15 10:26:03 | 017,226,632 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[3 C:\Users\STDEEZ\Documents\*.tmp files -> C:\Users\STDEEZ\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/30 09:05:39 | 000,000,830 | ---- | C] () -- C:\Users\STDEEZ\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/10/30 09:05:34 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/10/30 09:05:34 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/10/30 09:00:10 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/30 07:53:56 | 000,451,565 | ---- | C] () -- C:\Users\STDEEZ\Desktop\JavaRa.def
[2013/10/29 13:15:18 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013/10/29 13:15:18 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/10/28 09:24:56 | 000,001,786 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/10/16 14:51:37 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Vz In-Home Agent.lnk
[2013/10/16 12:13:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/10/16 12:13:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/10/16 12:13:58 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/10/16 12:13:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/10/16 12:13:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/10/16 08:13:31 | 000,000,285 | ---- | C] () -- C:\Users\STDEEZ\Desktop\FRST - Shortcut.lnk
[2012/10/20 21:08:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/09/06 17:41:02 | 000,018,035 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2012/08/13 21:03:20 | 007,261,256 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2012/06/06 18:51:11 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010/01/30 17:14:30 | 000,001,041 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\vso_ts_preview.xml
[2009/06/14 10:21:26 | 000,018,277 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\UserTile.png
[2009/06/02 21:04:03 | 000,003,878 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\wklnhst.dat
[2009/03/25 20:27:18 | 000,007,052 | ---- | C] () -- C:\Users\STDEEZ\AppData\Local\d3d9caps.dat
[2009/02/22 11:02:32 | 000,087,608 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\inst.exe
[2009/02/22 11:02:32 | 000,007,887 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\pcouffin.cat
[2009/02/22 11:02:32 | 000,001,144 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\pcouffin.inf
[2009/02/19 16:56:10 | 000,201,728 | ---- | C] () -- C:\Users\STDEEZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/20 01:07:23 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2011/12/22 16:28:07 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\t.cxt.ms\lso.swf\u.sol
[2011/12/22 14:35:04 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\wbads.vo.llnwd.net\o25\u
[2011/12/22 16:28:07 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB62280$\systemprofile\Application Data\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\t.cxt.ms\lso.swf\u.sol
[2011/12/22 14:35:04 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB62280$\systemprofile\Application Data\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\wbads.vo.llnwd.net\o25\u
[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB62280$] -> -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\ProgramData\Temp:A88BE334
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
  • 0

#35
killurbeer

killurbeer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Well i got it to work. I just uninstalled all the updates for IE. Uninstalled IE and reinstalled it. Website works fine now. I guess we can move on to the clean up process now? haha.
  • 0

#36
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK you beat me to that one as it was going to be the next option :)

In that case methinks I will send you on your merry way :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button



: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#37
killurbeer

killurbeer

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
AWESOME THANK YOU SO MUCH!!!
  • 0

#38
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
My pleasure, keep safe :)
  • 0

#39
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP