rowindal.d torjan

Question

killza 0 Light Poster

13 Years Ago

Hey, this exploit periodically pops up on my MSE. I'd ideally like to get rid of it permanently. Here are the logs

I had to break this down into like a million posts because the logs were too large for one post to handle. Sorry about that!

I know for a fact that I have clicklitepotato and facemoods are malware/spyware problems that I have.

GMER one
*blank*

GMER two

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-06-13 16:09:51
Windows 6.0.6001 Service Pack 3
Running: 7pcveej3.exe

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e611725
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e611725@000e079b3b43 0x34 0x13 0xCA 0x16 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e611725@34c3ac5369a1 0x0D 0xAE 0x12 0x44 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2F 0x55 0xEF 0x45 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3C 0x3E 0x75 0xCF ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x68 0xDB 0x54 0x9A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xC0 0xF4 0x53 0xCB ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00247e611725 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00247e611725@000e079b3b43 0x34 0x13 0xCA 0x16 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00247e611725@34c3ac5369a1 0x0D 0xAE 0x12 0x44 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2F 0x55 0xEF 0x45 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3C 0x3E 0x75 0xCF ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x68 0xDB 0x54 0x9A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0xC0 0xF4 0x53 0xCB ...

---- EOF - GMER 1.0.15 ----

malware bytes log

Malwarebytes' Anti-Malware 1.44
Database version: 3768
Windows 6.0.6001 Service Pack 3
Internet Explorer 7.0.6001.18000

13/06/2011 9:30:55 PM
mbam-log-2011-06-13 (21-30-55).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 702581
Time elapsed: 2 hour(s), 59 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 17/05/2009 7:35:07 AM
System Uptime: 13/06/2011 9:40:51 PM (0 hours ago)
.
Motherboard: Quanta | | 361B
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz | CPU | 2133/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 27.147 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.937 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0001
Service: vpnva
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: AMD Low Level Device Driver
Device ID: ROOT\SYSTEM\0003
Manufacturer: Advanced Micro Devices
Name: AMD Low Level Device Driver
PNP Device ID: ROOT\SYSTEM\0003
Service: AmdLLD64
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Apple Mobile Device USB Driver
Device ID: ROOT\UNKNOWN\0000
Manufacturer: Apple, Inc.
Name: Apple Mobile Device USB Driver
PNP Device ID: ROOT\UNKNOWN\0000
Service: USBAAPL64
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Apple Mobile Device USB Driver
Device ID: ROOT\UNKNOWN\0001
Manufacturer: Apple, Inc.
Name: Apple Mobile Device USB Driver
PNP Device ID: ROOT\UNKNOWN\0001
Service: USBAAPL64
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Adobe Shockwave Player 11.5
AIM 7
Alien Swarm
Apple Application Support
Apple Software Update
µTorrent
Audiosurf
Baseball Mogul 2011
Baseball Mogul 2011 Patch from 1305 to 1308
Battlefield: Bad Company 2
BCWipe 5.0
Beat Hazard
Borderlands
Burnout(TM) Paradise The Ultimate Box
Call of Duty(R) 2
Cisco AnyConnect VPN Client
ClickPotato
Combined Community Codec Pack 2008-09-21 16:18
Command and Conquer: Red Alert 3
Compatibility Pack for the 2007 Office system
CopyTrans Suite Remove Only
Counter-Strike: Source
CSS FULL DZ [Oct 15 2007] v18.1
CyberLink DVD Suite
DAEMON Tools Toolbar
DC++ 0.750
Defense Grid: The Awakening
DepositFiles FileManager with FTP 0.9.9.163
DivX Setup
DjVuLibre+DjView
Download Updater (AOL LLC)
Dual-Core Optimizer
erLT
ESU for Microsoft Vista
eSupport UndeletePlus 3.0.2.406
F1 2010
Facemoods Toolbar
Fallout 3
foldit
Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
Google Chrome
Google Earth Plug-in
Google Update Helper
GrabIt 1.7.2 Beta 4 (build 997)
Grand Theft Auto IV
Half-Life 2
Half-Life 2: Episode One
Hearts of Iron III
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Help and Support
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart Webcam
HP Quick Launch Buttons 6.40 H2
HP Update
HP User Guides 0115
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPTCSSetup
HyperCam 2
HyperCam Toolbar
I-Doser 4.50
IBM SPSS Statistics 19
IDT Audio
iPhone Configuration Utility
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) 6 Update 7
JDownloader
JMicron JMB38X Flash Media Controller
Junk Mail filter update
K-Lite Codec Pack 4.0.0 (Full)
LabelPrint
Left 4 Dead 2
LightScribe System Software 1.14.17.1
LimeWire 5.4.6
Logitech SetPoint
LogMeIn Hamachi
Malwarebytes' Anti-Malware
Matroska Pack
Messenger Plus! 5
Messenger Plus! Live
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 4.0 (x86 en-US)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
muvee Reveal
My HP Games
NetLimiter 2 Pro (remove only)
NetZero Preloader
Norton Security Scan
NVIDIA PhysX
OpenAL
OpenSubtitlesPlayer V4.X
PASW Statistics Student Version 18.0
PC Connectivity Solution
PDFCreator
PokerStars.net
Portal
Power2Go
PowerDirector
PowerISO
PunkBuster Services
QuickFreedom 1.2.0
QuickTime
Rapture3D 2.4.4 Game
RCT3 Soaked
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
Restaurant Empire 2
Rockstar Games Social Club
RollerCoaster Tycoon® 3
SamsungConnectivityCableDriver
SecondLifeViewer2 (remove only)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sid Meier's Civilization IV
Sid Meier's Civilization IV: Beyond the Sword
Sid Meier's Civilization IV: Warlords
SimCity 4 Deluxe
SimpleOCR 3.1
Skype™ 5.1
Sophos Anti-Virus
Sophos AutoUpdate
Starcraft
StarCraft II Beta
Steam
StreamTorrent 1.0
Team Fortress 2
The Elder Scrolls IV: Oblivion - Game of the Year Edition
The Sims™ 3
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 World Adventures
Torchlight
Trine
Trine Demo
Tropico 3 - Steam Special Edition
TVAnts 1.0
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
VC80CRTRedist - 8.0.50727.4053
Virtual Villagers 3 - The Secret City
VLC media player 1.0.5
Warhammer 40,000: Dawn of War
Warhammer 40,000: Dawn of War - Dark Crusade
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Yahoo! Messenger
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/06/2011 4:07:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/06/2011 4:07:57 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/06/2011 4:07:56 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...sers\Owner\AppData\Roaming\Skype\celinakiller\main.db-journal]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae7519f8]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae720cb8]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...olume1\Users\Owner\AppData\Roaming\Skype\celinakiller\main.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae742f98]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...me1\Users\Owner\AppData\Roaming\Skype\celinakiller\griffin.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae756818]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...kVolume1\Users\Owner\AppData\Roaming\Skype\shared_dynco\dc.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae6e3c28]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Skype\temp-WrtNmgOfMCkBLgRo4hZ3irzu]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae739358]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Skype\temp-wOMmhqkDduqjwvygcgUXV8e3]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae731e28]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae725ad8]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae72a8f8]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [85] - File [...\Users\Owner\AppData\Roaming\Skype\shared_dynco\dc.db-journal]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process Skype.exe, (start check timestamp [ 1cc27b1ae717078]).
10/06/2011 5:02:17 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc27b1ae6dee08]) filename continues: "...red_httpfe\queue.db"
10/06/2011 5:02:17 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Skype\sha ..." of process Skype.exe, start check timestamp [ 1cc27b1ae6dee08] did not complete in time: file was not scanned.
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...indows\WinSxS\ManifestCache\6.0.6002.18005_0028c5a9_blobs.bin]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6b57b18]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc279ad6b6b398]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...cc010c210000b8157016\7865b6d69a27cc010d210000b8157016_catalog]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6b6daa8]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...c010e210000b8157016\a84bb9d69a27cc010f210000b8157016_manifest]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6c46f38]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...c0109210000b8157016\980da8d69a27cc010a210000b8157016_manifest]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6b33128]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...ations\windows\projects\systemindex\indexer\cifiles\INDEX.001]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc279ad6c6e038]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc279ad6b701b8]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...5dec6d7ffe5610e6ceaedb286483c6156155c75071162c3d705279002.cat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6b8af68]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...1bf3856ad364e35_6.0.6002.22169_none_6e4c44dd4ca391ab.manifest]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6c5f5d8]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [85] - File [...1bf3856ad364e35_6.0.6002.18063_none_330ce64fd5940d00.manifest]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process TrustedInstalle, (start check timestamp [ 1cc279ad6b469a8]).
10/06/2011 2:18:46 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc279ad6b1d198]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 2:18:46 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process DivXUpdate.exe, start check timestamp [ 1cc279ad6b1d198] did not complete in time: file was not scanned.
10/06/2011 12:21:26 AM, Error: SAVOnAccess [85] - File [...rogramData\Microsoft\Search\Data\Applications\Windows\MSS.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc2725dd48e219]).
10/06/2011 12:21:26 AM, Error: SAVOnAccess [85] - File [...ramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc2725dd5e6676]).
10/06/2011 12:21:26 AM, Error: SAVOnAccess [85] - File [...mData\Microsoft\Search\Data\Applications\Windows\MSS02142.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc2725dd4d4f06]).
10/06/2011 12:21:23 AM, Error: SAVOnAccess [85] - File [...vice\HarddiskVolume1\Windows\Prefetch\DLLHOST.EXE-893DDF55.pf]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc2725db909f84]).
10/06/2011 12:21:16 AM, Error: SAVOnAccess [85] - File [...B476-83173A4643B5}\{B7357E26-1714-42C8-91BB-11B2686BB257}.qbd]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc2725d6ed10be]).
10/06/2011 12:21:14 AM, Error: SAVOnAccess [85] - File [...x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesahook.dll]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc2725d5d72cd1]).
10/06/2011 12:21:14 AM, Error: SAVOnAccess [85] - File [...B476-83173A4643B5}\{B7357E26-1714-42C8-91BB-11B2686BB257}.qbd]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc2725d5f8e67e]).
10/06/2011 12:21:14 AM, Error: SAVOnAccess [85] - File [...B476-83173A4643B5}\{B7357E26-1714-42C8-91BB-11B2686BB257}.qbd]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc2725d5f563f7]).
10/06/2011 12:21:13 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc2725d53f2ead]).
10/06/2011 12:21:13 AM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume1\Windows\TEMP\UDDD340.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc2725d5b6f9ce]).
10/06/2011 12:21:13 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc2725d53f2ead]) filename continues: "...\Windows\Cookies\index.dat"
10/06/2011 12:21:13 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Microsoft ..." of process ClickPotatoLite, start check timestamp [ 1cc2725d53f2ead] did not complete in time: file was not scanned.
10/06/2011 12:19:21 AM, Error: SAVOnAccess [11] - Insufficient memory.
10/06/2011 11:47:33 AM, Error: SAVOnAccess [85] - File [...diskVolume1\ProgramData\Real\RealUpgrade\RealUpgrade_12_0.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process realupgrade.exe, (start check timestamp [ 1cc2785b67459bd]).
10/06/2011 11:47:26 AM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume1\Windows\Prefetch\AgAppLaunch.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc2785b25f5e1d]).
10/06/2011 11:47:23 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2785b0db5dfd]).
10/06/2011 11:47:23 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2785b0d8fc9d]).
10/06/2011 11:47:23 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2785b0c5f19d]).
10/06/2011 11:47:23 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2785b0c3903d]).
10/06/2011 11:47:21 AM, Error: SAVOnAccess [85] - File [...rogramData\Microsoft\Search\Data\Applications\Windows\MSS.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc2785af5c209d]).
10/06/2011 11:47:17 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ALLUpdate.exe, (start check timestamp [ 1cc2785ad0908dd]).
10/06/2011 11:47:17 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ALLUpdate.exe, (start check timestamp [ 1cc2785ad0908dd]).
10/06/2011 11:47:17 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc2785ad0908dd]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 11:47:17 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process ALLUpdate.exe, start check timestamp [ 1cc2785ad0908dd] did not complete in time: file was not scanned.
10/06/2011 11:40:28 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/06/2011 11:39:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/06/2011 11:39:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/06/2011 11:39:48 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
10/06/2011 11:39:43 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/06/2011 11:39:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/06/2011 11:39:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx64 DfsC eeCtrl IDSVia64 NetBIOS netbt nltdi nsiproxy PSched RasAcd rdbss SAVOnAccess SCDEmu Smb spldr SRTSP SRTSPX SymIRON SYMTDIv tdx Wanarpv6
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Windows Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/06/2011 11:39:31 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
10/06/2011 11:38:29 AM, Error: Microsoft-Windows-TerminalServices-LocalSessionManager [1048] - Terminal Service start failed. The relevant status code was This service cannot be started in Safe Mode .
10/06/2011 11:38:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
10/06/2011 11:36:07 AM, Error: SAVOnAccess [85] - File [...tch\AgGlUAD_P_S-1-5-21-148236403-4087186441-390601442-1000.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc27841d93cc55]).
10/06/2011 11:36:07 AM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Windows\SoftwareDistribution\ReportingEvents.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc27841dc4ee75]).
10/06/2011 11:36:07 AM, Error: SAVOnAccess [85] - File [...8-AAA2-85EF591126E7}\NIS_18.6.0.29\NCW\performance.db-journal]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc27841dd234e5]).
10/06/2011 11:36:07 AM, Error: SAVOnAccess [85] - File [...8-AAA2-85EF591126E7}\NIS_18.6.0.29\NCW\performance.db-journal]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc27841dbc14d5]).
10/06/2011 11:36:07 AM, Error: SAVOnAccess [85] - File [...8-AAA2-85EF591126E7}\NIS_18.6.0.29\NCW\performance.db-journal]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ccSvcHst.exe, (start check timestamp [ 1cc27841da112c5]).
10/06/2011 11:36:07 AM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume1\Windows\WindowsUpdate.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc27841ddf0625]).
10/06/2011 11:36:06 AM, Error: SAVOnAccess [85] - File [...fetch\AgGlUAD_S-1-5-21-148236403-4087186441-390601442-1000.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc27841d3ad6e5]).
10/06/2011 11:36:03 AM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc27841b54b1c5]).
10/06/2011 11:36:03 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc27841b53ee75]).
10/06/2011 11:36:03 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc27841b53a055]) filename continues: "...\Windows\Cookies\index.dat"
10/06/2011 11:36:03 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Microsoft ..." of process explorer.exe, start check timestamp [ 1cc27841b53a055] did not complete in time: file was not scanned.
10/06/2011 11:35:59 AM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060920110610\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc278418db7465]).
10/06/2011 11:35:59 AM, Error: SAVOnAccess [85] - File [...emprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc278418dab115]).
10/06/2011 11:35:59 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc278418daff35]).
10/06/2011 11:35:59 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc278418da8a05]) filename continues: "...t"
10/06/2011 11:35:59 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc278418da8a05]) filename continues: "...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.da"
10/06/2011 11:35:59 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Windows\system32\config\systemprofile ..." of process NLClient.exe, start check timestamp [ 1cc278418da8a05] did not complete in time: file was not scanned.
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416f1ccd5]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416f0e275]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416f01f25]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416ef34c5]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416ee4a65]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416ed6005]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416ec0075]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278416eaef05]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc27841708b035]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc278416e7e1c5]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc27841708fe55]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc278416e82fe5]).
10/06/2011 11:35:56 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc278417086215]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 11:35:56 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc278416e7bab5]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 11:35:56 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process sidebar.exe, start check timestamp [ 1cc278417086215] did not complete in time: file was not scanned.
10/06/2011 11:35:56 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process msnmsgr.exe, start check timestamp [ 1cc278416e7bab5] did not complete in time: file was not scanned.
10/06/2011 11:35:55 AM, Error: SAVOnAccess [85] - File [...\Owner\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt03.sqm]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc278416cf0295]).
10/06/2011 11:35:52 AM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc278414db9705]).
10/06/2011 11:35:52 AM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc278414d77855]).
10/06/2011 11:35:52 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc2784151089b5]).
10/06/2011 11:35:52 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc27841510d7d5]).
10/06/2011 11:35:52 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc278415103b95]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 11:35:52 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process DivXUpdate.exe, start check timestamp [ 1cc278415103b95] did not complete in time: file was not scanned.
10/06/2011 11:35:51 AM, Error: SAVOnAccess [85] - File [...vice\HarddiskVolume1\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc278413f1fa55]).
10/06/2011 11:35:51 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2784145f1405]).
10/06/2011 11:35:51 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc27841470c745]).
10/06/2011 11:35:51 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc278414711565]).
10/06/2011 11:35:51 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc27841470c745]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 11:35:51 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process sidebar.exe, start check timestamp [ 1cc27841470c745] did not complete in time: file was not scanned.
10/06/2011 11:35:50 AM, Error: SAVOnAccess [85] - File [...r\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc2784136cc4c5]).
10/06/2011 11:35:50 AM, Error: SAVOnAccess [85] - File [...ner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc2784136d8815]).
10/06/2011 11:35:50 AM, Error: SAVOnAccess [85] - File [...ner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc2784135ebb05]).
10/06/2011 11:35:50 AM, Error: SAVOnAccess [85] - File [...ner\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc2784135a9c55]).
10/06/2011 11:35:50 AM, Error: SAVOnAccess [85] - File [...er\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc27841351e9c5]).
10/06/2011 11:35:50 AM, Error: SAVOnAccess [85] - File [...er\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc27841362b2a5]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process aim.exe, (start check timestamp [ 1cc278412e3bea5]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [85] - File [...rddiskVolume1\Users\Owner\AppData\Roaming\acccore\nss\key3.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process aim.exe, (start check timestamp [ 1cc278412e0d875]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc2784134bcf45]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process aim.exe, (start check timestamp [ 1cc278412e8a0a5]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc2784134c6b85]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process aim.exe, (start check timestamp [ 1cc278412eee235]).
10/06/2011 11:35:49 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc2784134ba835]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
10/06/2011 11:35:49 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc278412e0b165]) filename continues: "...ss\cert8.db"
10/06/2011 11:35:49 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\acccore\n ..." of process aim.exe, start check timestamp [ 1cc278412e0b165] did not complete in time: file was not scanned.
10/06/2011 11:35:49 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process explorer.exe, start check timestamp [ 1cc2784134ba835] did not complete in time: file was not scanned.
10/06/2011 1:25:20 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP from package WUClient-SelfUpdate-Aux-Package-fr-fr-MiniLP(Feature Pack) into Staged(Staged) state
10/06/2011 1:24:50 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Featu

windows-virus

Edited 13 Years Ago by killza because: n/a

4 Contributors
27 Replies
614 Views
2 Weeks Discussion Span
Latest Post 13 Years Ago Latest Post by jholland1964

jholland1964 650 Posting Expert

13 Years Ago

Your MBA-M program is nearly 18 months old. Current version is version 1.51.0.1200 and the latest database version is 6851 so your database is 3000 behind.

The absolute rule is to always update MBA-M before each and every scan. They issue updates multiple times daily so even if you run multiple scans in one day the program should always be updated before each scan.
You absolutely must update this program and do another Full Scan with it and have it Remove Everything found and then Reboot the computer, this is very important since some of the removals often are not complete until the computer has been rebooted.

You need to Uninstall these programs as they are likely part of the cause for your infections:
µTorrent
ClickPotato
StreamTorrent 1.0
facemoods

After you have run MBA-M and posted the new log then please do the following:

Please Run the ESET Online Scanner

http://www.eset.com/us/online-scanner?i_agree=14

* You can use Internet Explorer or you may use Firefox to complete this scan and you will need to allow an Active X to be installed
* You will need to temporarily Disable your current Anti-virus program.
* Be sure the option to Remove found threats is checked and the option to Scan unwanted applications is Checked.

* When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt.

Reboot the computer again.

Once again run the DDS Scanner and save the logs.

Post back with the ESET Scanner Log and the new DDS Scanner log

Edited 13 Years Ago by jholland1964 because: n/a

jholland1964 650 Posting Expert

13 Years Ago

ClickPotato was removed by MBA-M so that is gone. I still see uTorrent running on the computer.
You have a HUGE number of processes running when the DDS scans have been done. Key thing about removing infections is that only NECESSARY programs should be running while doing this and many of those running here are not necessary for the running of the computer.
You need to change your Start Page from facemoods. Try going to a safe page, like the plain google home page and setting that as the start page and see if that makes a difference. Then you can certainly choose another but make sure it is a SAFE page and not something like facemoods. You also need to go into Addons in both browsers and disable and then delete if possible delete the facemoods tool bars.

Update MBA-M and run another Full Scan. Also download and install the FREE version of SUPERAntispyware and run a full scan with it also. Have it rmeove everything it finds.http://www.superantispyware.com/download.html
Post back with both of those logs.

Edited 13 Years Ago by jholland1964 because: n/a

jholland1964 650 Posting Expert

13 Years Ago

Hate to say this but since it has been 8 days since your last reply there is no way I can say what could have caused this.
Have you been using the computer in the last 8 days rather than completing the requested steps? SAS was the other request, it hasn't been completed.
Run DDS scanner again and post back with both logs.

jholland1964 650 Posting Expert

13 Years Ago

Open SAS, click the Preferences button. There you will see a lot of tabs. Click the Statistics/Logs tab. The log will be in there.

jholland1964 650 Posting Expert

13 Years Ago

You SAS program is out of date. One absolute rule when doing any scan, update the program before doing the scan. You posted two scans and the program had not been updated for either one. On the 22nd the database was 7304 and the Trace # was 5116.
Please update the program and do another Full Scan. Post back with the log.
You cookie setting is incorrect for Google Chrome because these are all 3rd party tracking cookies. I don't use Chrome so I am not sure where you would find that setting in the program but it should be changed to block 3rd party cookies and accept only 1st party cookies.

LimeWire 5.4.6 must absolutely be removed. P2P is the easiest way to get an infection and to have your computer hijacked.

Edited 13 Years Ago by jholland1964 because: n/a

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

killza 0 Light Poster · Answer 1 · 2011-06-14T08:38:43+00:00

08/06/2011 6:26:31 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process explorer.exe, start check timestamp [ 1cc262b1e322469] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...Volume1\Users\Owner\AppData\Roaming\uTorrent\settings.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c434121]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...sers\Owner\AppData\Roaming\Locktime\NetLimiter\2\settings.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc262b1bf9d48d]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c6f5eb5]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c6e743d]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c6d62b1]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c6c7839]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c6b3f99]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c6a5521]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c696aa9]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c68a745]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c12dd5d]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c11f2e5]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc262b1c23cf09]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060820110609\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc262b1be25285]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060820110609\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc262b1c24b981]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc262b1c1c2d21]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc262b1c1bb7e5]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c74dd85]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c1798c9]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc262b1c665d19]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process facemoodssrv.ex, (start check timestamp [ 1cc262b1c1ffe15]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc262b1c32c4b1]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...er\AppData\Roaming\Apple Computer\Logs\asl.142938_08Jun11.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunesHelper.ex, (start check timestamp [ 1cc262b1c2a5f65]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...emprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc262b1c0ce951]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\rss.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c44eefd]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\dht.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c46279d]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c7552c1]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc262b1c183519]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc262b1c0d3779]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc262b1c67207d]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process facemoodssrv.ex, (start check timestamp [ 1cc262b1c204c3d]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc262b1c3312d9]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc262b1c241d31]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...\HarddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\rss.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c456439]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...\HarddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\dht.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c4675c5]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\settings.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c4479c1]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\settings.dat.old]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c43dd71]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\rss.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc262b1c45b261]).
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c74dd85]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c665d19]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c329d9d]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c241d31]) filename continues: "...\Windows\Cookies\index.dat"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c1ffe15]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c1798c9]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c0ce951]) filename continues: "...t"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1c0ce951]) filename continues: "...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.da"
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Windows\system32\config\systemprofile ..." of process NLClient.exe, start check timestamp [ 1cc262b1c0ce951] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Microsoft ..." of process ClickPotatoLite, start check timestamp [ 1cc262b1c241d31] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process sidebar.exe, start check timestamp [ 1cc262b1c74dd85] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process sidebar.exe, start check timestamp [ 1cc262b1c1798c9] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process msnmsgr.exe, start check timestamp [ 1cc262b1c665d19] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process facemoodssrv.ex, start check timestamp [ 1cc262b1c1ffe15] did not complete in time: file was not scanned.
08/06/2011 6:26:28 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process DivXUpdate.exe, start check timestamp [ 1cc262b1c329d9d] did not complete in time: file was not scanned.
08/06/2011 6:26:27 PM, Error: SAVOnAccess [85] - File [...t Files\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc262b1bba7b21]).
08/06/2011 6:26:27 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc262b1bb87f1d]).
08/06/2011 6:26:27 PM, Error: SAVOnAccess [85] - File [...ce\HarddiskVolume1\Users\Owner\AppData\Local\Temp\~DF7E20.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc262b1bbac949]).
08/06/2011 6:26:27 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc262b1bb8cd45]).
08/06/2011 6:26:27 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc262b1bb87f1d]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 6:26:27 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process iexplore.exe, start check timestamp [ 1cc262b1bb87f1d] did not complete in time: file was not scanned.
08/06/2011 5:40:34 PM, Error: SAVOnAccess [85] - File [...Users\Owner\AppData\Local\Google\Chrome\User Data\Local State]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc2624b296cfed]).
08/06/2011 5:40:34 PM, Error: SAVOnAccess [85] - File [...skVolume1\Users\Owner\AppData\Roaming\uTorrent\resume.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc2624b29a796d]).
08/06/2011 5:40:34 PM, Error: SAVOnAccess [85] - File [...ppData\Local\Google\Chrome\User Data\Local State~RFb025cb.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc2624b29681cd]).
08/06/2011 5:40:34 PM, Error: SAVOnAccess [85] - File [...e1\Users\Owner\AppData\Local\Google\Chrome\User Data\25F4.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc2624b295be7d]).
08/06/2011 5:40:34 PM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\resume.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc2624b29c271d]).
08/06/2011 5:40:34 PM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\resume.dat.old]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc2624b29b8add]).
08/06/2011 5:40:33 PM, Error: SAVOnAccess [85] - File [...me1\Users\Owner\AppData\Local\Microsoft\Feeds Cache\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc2624b1f2c7bd]).
08/06/2011 5:40:33 PM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060820110609\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc2624b1f33ced]).
08/06/2011 5:40:33 PM, Error: SAVOnAccess [85] - File [...ce\HarddiskVolume1\Users\Owner\AppData\Local\Temp\~DF1597.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc2624b1f2799d]).
08/06/2011 5:40:33 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iexplore.exe, (start check timestamp [ 1cc2624b1f1b64d]).
08/06/2011 5:40:33 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc2624b1f1b64d]) filename continues: "...\Windows\Cookies\index.dat"
08/06/2011 5:40:33 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Microsoft ..." of process iexplore.exe, start check timestamp [ 1cc2624b1f1b64d] did not complete in time: file was not scanned.
08/06/2011 3:14:22 AM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Windows\SoftwareDistribution\ReportingEvents.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25abb10cb26b]).
08/06/2011 3:14:22 AM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume1\Windows\WindowsUpdate.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25abb113903b]).
08/06/2011 3:14:21 AM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060720110608\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25abb04c96bb]).
08/06/2011 3:14:21 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25abb04bd36b]).
08/06/2011 3:14:21 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25abb04d32fb]).
08/06/2011 3:14:21 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abb04b854b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:21 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process explorer.exe, start check timestamp [ 1cc25abb04b854b] did not complete in time: file was not scanned.
08/06/2011 3:14:18 AM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060720110608\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc25abae67aa1b]).
08/06/2011 3:14:18 AM, Error: SAVOnAccess [85] - File [...emprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc25abae66e6cb]).
08/06/2011 3:14:18 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc25abae675bfb]).
08/06/2011 3:14:18 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abae66e6cb]) filename continues: "...t"
08/06/2011 3:14:18 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abae66e6cb]) filename continues: "...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.da"
08/06/2011 3:14:18 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Windows\system32\config\systemprofile ..." of process NLClient.exe, start check timestamp [ 1cc25abae66e6cb] did not complete in time: file was not scanned.
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...Volume1\Users\Owner\AppData\Roaming\uTorrent\settings.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadbc75fb]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae178e4b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae16a3eb]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae15b98b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae1459fb]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae136f9b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae12371b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae1125ab]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae10143b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae1fa49b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc25abae0e186b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...diskVolume1\Users\Owner\AppData\Roaming\uTorrent\settings.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadbdd58b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\rss.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadc06d9b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\dht.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadc576ab]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abae1ff2bb]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc25abae0e668b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...\HarddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\rss.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadc3a1eb]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...\HarddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\dht.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadc7727b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\settings.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadbf351b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\rss.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25abadc48c4b]).
08/06/2011 3:14:17 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abae1fa49b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:17 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abae0e186b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:17 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process sidebar.exe, start check timestamp [ 1cc25abae1fa49b] did not complete in time: file was not scanned.
08/06/2011 3:14:17 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process msnmsgr.exe, start check timestamp [ 1cc25abae0e186b] did not complete in time: file was not scanned.
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abad52909b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abad51a63b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc25abad66189b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc25abad657c5b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad38c70b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abad5a7fdb]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process facemoodssrv.ex, (start check timestamp [ 1cc25abad6aac7b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc25abad735f0b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc25abad6d6b9b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad39152b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25abad5acdfb]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process facemoodssrv.ex, (start check timestamp [ 1cc25abad6afa9b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc25abad73ad2b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc25abad6db9bb]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...1\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\kn.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad2a210b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...1\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\kn.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad28253b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...1\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\kn.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad27d71b]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...1\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\ft.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad26c5ab]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...1\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\ft.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad2517fb]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...1\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\ft.TMP]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad24c9db]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [85] - File [...:\Users\Owner\AppData\Roaming\StreamTorrent\1.0\config\ft.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process StreamTorrent.e, (start check timestamp [ 1cc25abad273adb]).
08/06/2011 3:14:16 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abad735f0b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:16 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abad6d448b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:16 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abad6aac7b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:16 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abad5a7fdb]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:16 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abad38c70b]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:16 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process StreamTorrent.e, start check timestamp [ 1cc25abad38c70b] did not complete in time: file was not scanned.
08/06/2011 3:14:16 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process sidebar.exe, start check timestamp [ 1cc25abad5a7fdb] did not complete in time: file was not scanned.
08/06/2011 3:14:16 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process facemoodssrv.ex, start check timestamp [ 1cc25abad6aac7b] did not complete in time: file was not scanned.
08/06/2011 3:14:16 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process DivXUpdate.exe, start check timestamp [ 1cc25abad735f0b] did not complete in time: file was not scanned.
08/06/2011 3:14:16 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process ClickPotatoLite, start check timestamp [ 1cc25abad6d448b] did not complete in time: file was not scanned.
08/06/2011 3:14:15 AM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process wlcomm.exe, (start check timestamp [ 1cc25abacdec02b]).
08/06/2011 3:14:15 AM, Error: SAVOnAccess [85] - File [...ations\windows\projects\systemindex\indexer\cifiles\INDEX.002]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25abad08b65b]).
08/06/2011 3:14:15 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process wlcomm.exe, (start check timestamp [ 1cc25abacde720b]).
08/06/2011 3:14:15 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25abacde4afb]) filename continues: "...\Windows\Cookies\index.dat"
08/06/2011 3:14:15 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Microsoft ..." of process wlcomm.exe, start check timestamp [ 1cc25abacde4afb] did not complete in time: file was not scanned.
08/06/2011 3:14:05 AM, Error: SAVOnAccess [85] - File [...vice\HarddiskVolume1\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25aba6ad0eab]).
08/06/2011 3:14:05 AM, Error: SAVOnAccess [85] - File [...ntacts\{f8eca465-ef69-403e-ad28-e88dd67ce6c5}\DBStore\edb.chk]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process wlcomm.exe, (start check timestamp [ 1cc25aba69d302b]).
08/06/2011 3:14:05 AM, Error: SAVOnAccess [85] - File [...ner\AppData\Local\Google\Chrome\User Data\Default\Preferences]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc25aba6e6471b]).
08/06/2011 3:14:05 AM, Error: SAVOnAccess [85] - File [...ner\AppData\Local\Google\Chrome\User Data\Default\Preferences]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc25aba6d6689b]).
08/06/2011 3:14:05 AM, Error: SAVOnAccess [85] - File [...\Owner\AppData\Local\Google\Chrome\User Data\Default\F692.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc25aba6d5a54b]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [85] - File [...s\{f8eca465-ef69-403e-ad28-e88dd67ce6c5}\DBStore\contacts.edb]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process wlcomm.exe, (start check timestamp [ 1cc25aba65af70b]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [85] - File [...s\{f8eca465-ef69-403e-ad28-e88dd67ce6c5}\DBStore\contacts.edb]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process wlcomm.exe, (start check timestamp [ 1cc25aba64c02eb]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc25aba604c0bb]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [85] - File [...ce\HarddiskVolume1\Users\Owner\AppData\Local\Temp\fla8020.tmp]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process chrome.exe, (start check timestamp [ 1cc25aba63609eb]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc25aba6050edb]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [85] - File [...\Owner\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt01.sqm]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc25aba5ebba7b]).
08/06/2011 3:14:04 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25aba604c0bb]) filename continues: "...indows\Temporary Internet Files\Content.IE5\index.dat"
08/06/2011 3:14:04 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process msnmsgr.exe, start check timestamp [ 1cc25aba604c0bb] did not complete in time: file was not scanned.
08/06/2011 3:14:03 AM, Error: SAVOnAccess [85] - File [...ations\windows\projects\systemindex\indexer\cifiles\INDEX.002]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25aba55805fb]).
08/06/2011 3:14:03 AM, Error: SAVOnAccess [85] - File [...ations\windows\projects\systemindex\indexer\cifiles\INDEX.001]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25aba565c19b]).
08/06/2011 3:14:02 AM, Error: SAVOnAccess [85] - File [...skVolume1\Users\Owner\AppData\Roaming\uTorrent\resume.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25aba4b695db]).
08/06/2011 3:14:02 AM, Error: SAVOnAccess [85] - File [...ons\windows\projects\systemindex\indexer\cifiles\00010006.dir]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25aba526208b]).
08/06/2011 3:14:02 AM, Error: SAVOnAccess [85] - File [...ions\windows\projects\systemindex\indexer\cifiles\00010006.ci]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25aba52cd74b]).
08/06/2011 3:14:02 AM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\resume.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25aba4b9f13b]).
08/06/2011 3:14:02 AM, Error: SAVOnAccess [85] - File [...\??\C:\Users\Owner\AppData\Roaming\uTorrent\resume.dat.old]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc25aba4b92deb]).
08/06/2011 3:13:59 AM, Error: SAVOnAccess [85] - File [...evice\HarddiskVolume1\Windows\Prefetch\ITUNES.EXE-A1420FF4.pf]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25aba345047b]).
08/06/2011 3:13:59 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25aba33f863b]) filename continues: "...ry Extras.itdb"
08/06/2011 3:13:59 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\Music\iTunes\iTunes Libra ..." of process iTunes.exe, start check timestamp [ 1cc25aba33f863b] did not complete in time: file was not scanned.
08/06/2011 3:13:58 AM, Error: SAVOnAccess [85] - File [...s\Owner\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25aba2c0441b]).
08/06/2011 3:13:58 AM, Error: SAVOnAccess [85] - File [...s\Owner\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25aba2b45d3b]).
08/06/2011 3:13:58 AM, Error: SAVOnAccess [85] - File [...s\Owner\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25aba29822ab]).
08/06/2011 3:13:58 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Local\Apple Computer\iTunes\iTunesPrefs.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25aba2a764eb]).
08/06/2011 3:13:56 AM, Error: SAVOnAccess [85] - File [...diskVolume1\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25aba13892ab]).
08/06/2011 3:13:55 AM, Error: SAVOnAccess [85] - File [...skVolume1\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25aba0e0879b]).
08/06/2011 3:13:53 AM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25ab9fc5a1bb]).
08/06/2011 3:13:53 AM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25ab9fd001fb]).
08/06/2011 3:13:53 AM, Error: SAVOnAccess [85] - File [...Device\HarddiskVolume1\Users\Owner\AppData\Local\IconCache.db]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25ab9f67a33b]).
08/06/2011 3:13:53 AM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process iTunes.exe, (start check timestamp [ 1cc25ab9fd30f3b]).
08/06/2011 3:13:49 AM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25ab9d3c85db]) filename continues: "...puter\Logs\asl.230459_07Jun11.log"
08/06/2011 3:13:49 AM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Roaming\Apple Com ..." of process AppleMobileDevi, start check timestamp [ 1cc25ab9d3c85db] did not complete in time: file was not scanned.
07/06/2011 9:46:42 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.31 for the Network Card with network address 0022FA4D6DC8 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
07/06/2011 7:19:05 PM, Error: SAVOnAccess [85] - File [...\Device\HarddiskVolume1\Windows\WindowsUpdate.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25694b26a38e]).
07/06/2011 7:19:04 PM, Error: SAVOnAccess [85] - File [...rosoft\Windows\Temporary Internet Files\Content.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25694ab47de2]).
07/06/2011 7:19:04 PM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060720110608\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25694ab4cc04]).
07/06/2011 7:19:04 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process explorer.exe, (start check timestamp [ 1cc25694ab42fc0]).
07/06/2011 7:19:04 PM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Windows\SoftwareDistribution\ReportingEvents.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process svchost.exe, (start check timestamp [ 1cc25694b2543f5]).
07/06/2011 7:19:04 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc25694ab408af]) filename continues: "...indows\History\History.IE5\index.dat"
07/06/2011 7:19:04 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Users\Owner\AppData\Local\Microsoft\W ..." of process explorer.exe, start check timestamp [ 1cc25694ab408af] did not complete in time: file was not scanned.
07/06/2011 7:19:03 PM, Error: SAVOnAccess [85] - File [...ons\windows\projects\systemindex\indexer\cifiles\00010008.dir]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25694a5ae9e7]).
07/06/2011 7:19:03 PM, Error: SAVOnAccess [85] - File [...ions\windows\projects\systemindex\indexer\cifiles\00010008.ci]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25694a5c97a2]).
07/06/2011 7:19:03 PM, Error: SAVOnAccess [85] - File [...ations\windows\projects\systemindex\indexer\cifiles\INDEX.002]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25694a6ff911]).
07/06/2011 7:19:03 PM, Error: SAVOnAccess [85] - File [...ations\windows\projects\systemindex\indexer\cifiles\INDEX.001]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process SearchIndexer.e, (start check timestamp [ 1cc25694a7be03f]).
07/06/2011 7:19:01 PM, Error: SAVOnAccess [85] - File [...emprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc2569491ff0d7]).
07/06/2011 7:19:01 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc25694920660a]).
07/06/2011 7:19:01 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc2569491ff0d7]) filename continues: "...t"
07/06/2011 7:19:01 PM, Error: SAVOnAccess [82] - Scan failure (start check timestamp [ 1cc2569491ff0d7]) filename continues: "...\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.da"
07/06/2011 7:19:01 PM, Error: SAVOnAccess [81] - The on-access scan of file "\Device\HarddiskVolume1\Windows\system32\config\systemprofile ..." of process NLClient.exe, start check timestamp [ 1cc2569491ff0d7] did not complete in time: file was not scanned.
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...Volume1\Users\Owner\AppData\Roaming\uTorrent\settings.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc2569485ac70b]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...sers\Owner\AppData\Roaming\Locktime\NetLimiter\2\settings.xml]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc256948ae8e80]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2569488d4a06]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2569488c5fa0]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2569488b753a]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2569488a63c3]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25694889795d]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc256948888ef7]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25694887a491]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...rs\Owner\AppData\Local\Microsoft\Windows Sidebar\Settings.ini]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25694886e13c]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060720110608\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process NLClient.exe, (start check timestamp [ 1cc256948a2321f]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...indows\History\History.IE5\MSHist012011060720110608\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process facemoodssrv.ex, (start check timestamp [ 1cc2569484394f3]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc256948414af4]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...fig\systemprofile\AppData\Local\LogMeIn Hamachi\h2-engine.log]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process hamachi-2.exe, (start check timestamp [ 1cc25694840d5c1]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc256948925337]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2569483b575d]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc2569488581a3]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process facemoodssrv.ex, (start check timestamp [ 1cc25694842d19e]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process DivXUpdate.exe, (start check timestamp [ 1cc2569484df577]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ers\Owner\AppData\Roaming\Microsoft\Windows\Cookies\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process ClickPotatoLite, (start check timestamp [ 1cc25694847177a]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\rss.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc2569485c4db5]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...ddiskVolume1\Users\Owner\AppData\Roaming\uTorrent\dht.dat.new]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process uTorrent.exe, (start check timestamp [ 1cc2569485d381b]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc25694892a159]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process sidebar.exe, (start check timestamp [ 1cc2569483ba57f]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to that condition. Process msnmsgr.exe, (start check timestamp [ 1cc25694885cfc5]).
07/06/2011 7:19:00 PM, Error: SAVOnAccess [85] - File [...AppData\Local\Microsoft\Windows\History\History.IE5\index.dat]'s scan succeeded following a timeout/busy condition - it is being logged in case it contributed to th

killza 0 Light Poster · Answer 2 · 2011-06-14T08:39:45+00:00

.
DDS (Ver_2011-06-12.02) - NTFSAMD64
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_23
Run by Owner at 21:57:27 on 2011-06-13
Microsoft® Windows Vista™ Home Premium 6.0.6001.3.1252.2.1033.18.4092.1598 [GMT -4:00]
.
AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\vfsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\PROGRA~2\Jetico\BCWipe\BCResident.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\conime.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\lpremove.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\lpksetup.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=ostpl
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyServer = 0.0.0.0:80
uInternet Settings,ProxyOverride = *.local;<local>
mSearchAssistant = hxxp://start.facemoods.com/?a=ostpl&s={searchTerms}&f=4
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: IplexToALLPlayer: {df925ef3-7a87-44e4-9caf-8d7b280bf616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
mRun: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F3FBFDFA-C766-4C16-93C4-2DAE8BD4F202} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli DPPWDFLT
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
BHO-X64: facemoods Helper - No File

killza 0 Light Poster · Answer 3 · 2011-06-14T08:41:42+00:00

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: IplexToALLPlayer: {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
BHO-X64: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
BHO-X64: SMTTB2009 - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: HyperCam Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
AppInit_DLLs-X64: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ostpl
FF - prefs.js: keyword.enabled - false
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 4001
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 4001
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4001
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4001
FF - prefs.js: network.proxy.type - 1
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: DT Whois: beysim@beysim.net - %profile%\extensions\beysim@beysim.net
FF - Ext: Adblock Plus: Element Hiding Helper: elemhidehelper@adblockplus.org - %profile%\extensions\elemhidehelper@adblockplus.org
FF - Ext: CS Lite: {00084897-021a-4361-8423-083407a033e0} - %profile%\extensions\{00084897-021a-4361-8423-083407a033e0}
FF - Ext: JonDoFox: {437be45a-4114-11dd-b9ab-71d256d89593} - %profile%\extensions\{437be45a-4114-11dd-b9ab-71d256d89593}
FF - Ext: Dr.Web anti-virus link checker: {6614d11d-d21d-b211-ae23-815234e1ebb5} - %profile%\extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
FF - Ext: SafeCache: {670a77c5-010e-4476-a8ce-d09171318839} - %profile%\extensions\{670a77c5-010e-4476-a8ce-d09171318839}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Menu Editor: {EDA7B1D7-F793-4e03-B074-E6F303317FB0} - %profile%\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}
FF - Ext: ProfileSwitcher: {fa8476cf-a98c-4e08-99b4-65a69cb4b7d4} - %profile%\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}
FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
.
---- FIREFOX POLICIES ----
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites -
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
user_pref(places.frecency.bookmarkVisitBonus,0);
user_pref(places.frecency.unvisitedBookmarkBonus,0);
user_pref(browser.startup.homepage,hxxp://start.facemoods.com/?a=ostpl);
user_pref(browser.startup.page,1);
user_pref(browser.search.defaultenginename,Facemoods Search);
user_pref(browser.download.lastDir,C:\\Users\\Owner\\Documents\\Desktop\\);
.
============= SERVICES / DRIVERS ===============
.
R0 fsh;fsh;C:\Windows\system32\drivers\fsh.sys --> C:\Windows\system32\drivers\fsh.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 nltdi;nltdi;\??\C:\Windows\system32\drivers\nltdi.sys --> C:\Windows\system32\drivers\nltdi.sys [?]
R1 SAVOnAccess;SAVOnAccess;C:\Windows\system32\DRIVERS\savonaccess.sys --> C:\Windows\system32\DRIVERS\savonaccess.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe [?]
R2 BCWipeSvc;BCWipe service;C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe [2011-3-28 95544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-5-25 2275720]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2008-11-7 365952]
R2 SAVAdminService;Sophos Anti-Virus status reporter;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2009-10-28 80936]
R2 SAVService;Sophos Anti-Virus;C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [2009-8-22 98304]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2009-8-22 172032]
R2 vfsFPService;Validity Fingerprint Service;C:\Windows\System32\vfsFPService.exe [2008-9-16 599344]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-9 493248]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\system32\DRIVERS\point64k.sys --> C:\Windows\system32\DRIVERS\point64k.sys [?]
R3 vfs101a;vfs101a;C:\Windows\system32\drivers\vfs101a.sys --> C:\Windows\system32\drivers\vfs101a.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-6-14 93184]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-7 193840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;C:\Windows\System32\drivers\libusb0.sys [2009-7-13 28672]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw3v64.sys --> C:\Windows\system32\DRIVERS\NETw3v64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]
S4 SophosBootDriver;SophosBootDriver;C:\Windows\system32\DRIVERS\SophosBootDriver.sys --> C:\Windows\system32\DRIVERS\SophosBootDriver.sys [?]
.
=============== File Associations ===============
.
.reg=Regedit.Document
.
=============== Created Last 30 ================
.
2011-06-14 01:54:59 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{67C039F4-8C1D-474C-A782-FD6FEEFBCAD0}\mpengine.dll
2011-06-12 03:57:58 -------- d-----w- C:\Program Files (x86)\eSupport.com
2011-06-11 18:46:56 442368 ----a-w- C:\Windows\System32\winhttp.dll
2011-06-11 18:46:56 378368 ----a-w- C:\Windows\SysWow64\winhttp.dll
2011-06-11 18:46:31 33280 ----a-w- C:\Windows\System32\drivers\fr-FR\http.sys.mui
2011-06-11 18:46:31 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2011-06-11 18:45:40 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2011-06-11 18:45:38 12288 ----a-w- C:\Windows\System32\sscore.dll
2011-06-11 18:45:37 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2011-06-11 18:45:37 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2011-06-11 18:45:37 17920 ----a-w- C:\Windows\System32\netevent.dll
2011-06-11 18:40:51 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-11 18:38:06 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2011-06-11 18:38:06 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2011-06-11 18:38:05 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2011-06-11 18:38:04 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
2011-06-11 10:03:47 -------- d-----w- C:\Users\Owner\AppData\Local\Eraser 6
2011-06-11 09:42:44 316416 ----a-w- C:\Windows\System32\msshsq.dll
2011-06-11 09:42:44 231936 ----a-w- C:\Windows\SysWow64\msshsq.dll
2011-06-11 08:54:05 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-06-11 08:37:47 32768 ----a-w- C:\Windows\System32\nshhttp.dll
2011-06-11 08:37:47 24064 ----a-w- C:\Windows\SysWow64\nshhttp.dll
2011-06-11 08:37:37 610304 ----a-w- C:\Windows\System32\drivers\http.sys
2011-06-11 08:37:34 33792 ----a-w- C:\Windows\System32\httpapi.dll
2011-06-11 08:37:33 31232 ----a-w- C:\Windows\SysWow64\httpapi.dll
2011-06-11 07:47:26 101376 ----a-w- C:\Windows\System32\MSNP.ax
2011-06-11 07:47:25 80896 ----a-w- C:\Windows\SysWow64\MSNP.ax
2011-06-11 07:47:18 375808 ----a-w- C:\Windows\System32\psisdecd.dll
2011-06-11 07:47:18 293376 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-06-11 07:47:16 217088 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-06-11 07:47:15 289792 ----a-w- C:\Windows\System32\psisrndr.ax
2011-06-11 07:44:08 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-06-11 07:44:08 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-06-11 07:44:08 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-06-11 07:44:08 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-06-11 07:44:07 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-06-11 07:44:07 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-06-11 07:44:07 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-06-11 07:44:07 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-06-11 07:44:07 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-06-11 07:44:07 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-06-11 07:32:19 2048 ----a-w- C:\Windows\SysWow64\winrsmgr.dll
2011-06-11 07:32:19 2048 ----a-w- C:\Windows\System32\winrsmgr.dll
2011-06-11 07:32:15 13312 ----a-w- C:\Windows\System32\wsmplpxy.dll
2011-06-11 07:32:15 13312 ----a-w- C:\Windows\System32\winrssrv.dll
2011-06-11 07:30:33 201184 ----a-w- C:\Windows\SysWow64\winrm.vbs
2011-06-11 03:30:03 -------- d-----w- C:\Program Files\Eraser
2011-06-10 21:02:17 -------- d-----w- C:\Users\Owner\AppData\Local\CrashDumps
2011-06-10 18:41:24 343040 ----a-w- C:\Windows\System32\schannel.dll
2011-06-10 18:41:24 274432 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-06-10 18:40:48 1486848 ----a-w- C:\Program Files\Windows Media Player\setup_wm.exe
2011-06-10 18:40:48 1418752 ----a-w- C:\Program Files (x86)\Windows Media Player\setup_wm.exe
2011-06-10 18:40:47 372736 ----a-w- C:\Windows\System32\unregmp2.exe
2011-06-10 18:40:46 310784 ----a-w- C:\Windows\SysWow64\unregmp2.exe
2011-06-10 18:39:32 1420176 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-10 18:39:23 408064 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2011-06-10 18:39:23 1923584 ----a-w- C:\Windows\System32\ole32.dll
2011-06-10 18:39:23 1315840 ----a-w- C:\Windows\SysWow64\ole32.dll
2011-06-10 18:39:22 339968 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2011-06-10 18:39:17 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2011-06-10 18:39:17 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2011-06-10 18:39:14 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-06-10 18:39:13 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-06-10 18:39:13 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-06-10 18:37:57 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2011-06-10 18:37:57 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2011-06-10 18:37:52 267776 ----a-w- C:\Windows\System32\spoolsv.exe
2011-06-10 18:37:49 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-06-10 18:37:43 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-06-10 18:37:43 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2011-06-10 18:37:37 1794560 ----a-w- C:\Windows\System32\msxml6.dll
2011-06-10 18:37:35 1399296 ----a-w- C:\Windows\SysWow64\msxml6.dll
2011-06-10 18:36:59 171008 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2011-06-10 18:36:59 168960 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2011-06-10 18:36:56 8147968 ----a-w- C:\Windows\System32\wmploc.DLL
2011-06-10 18:36:56 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2011-06-10 18:32:46 2760704 ----a-w- C:\Windows\System32\win32k.sys
2011-06-10 18:32:36 2424320 ----a-w- C:\Windows\System32\mstscax.dll
2011-06-10 18:32:33 2067456 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-06-10 18:32:32 730624 ----a-w- C:\Windows\System32\mstsc.exe
2011-06-10 18:32:32 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-06-10 18:32:26 82944 ----a-w- C:\Windows\System32\msasn1.dll
2011-06-10 18:32:26 61440 ----a-w- C:\Windows\SysWow64\msasn1.dll
2011-06-10 18:30:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-06-10 18:30:46 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-06-10 18:29:23 72192 ----a-w- C:\Windows\System32\l3codeca.acm
2011-06-10 18:29:23 62464 ----a-w- C:\Windows\SysWow64\l3codeca.acm
2011-06-10 18:29:16 622080 ----a-w- C:\Windows\System32\usp10.dll
2011-06-10 18:29:16 501760 ----a-w- C:\Windows\SysWow64\usp10.dll
2011-06-10 18:28:54 1360384 ----a-w- C:\Windows\System32\mfc42u.dll
2011-06-10 18:28:50 1398784 ----a-w- C:\Windows\System32\mfc42.dll
2011-06-10 18:28:49 1136640 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-06-10 18:28:47 1161728 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-06-10 18:28:38 117760 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-06-10 18:28:37 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-06-10 18:28:37 25088 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-06-10 18:28:32 1090048 ----a-w- C:\Windows\System32\wmpmde.dll
2011-06-10 18:28:31 866816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2011-06-10 18:08:58 218112 ----a-w- C:\Windows\System32\wintrust.dll
2011-06-10 18:08:58 171520 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-06-10 18:07:54 98304 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-06-10 18:07:54 104960 ----a-w- C:\Windows\System32\cabview.dll
2011-06-10 17:42:32 854528 ----a-w- C:\Windows\System32\schedsvc.dll
2011-06-10 17:42:31 655872 ----a-w- C:\Windows\System32\taskschd.dll
2011-06-10 17:42:30 499712 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-06-10 17:42:30 357376 ----a-w- C:\Windows\SysWow64\taskschd.dll
2011-06-10 17:42:29 267776 ----a-w- C:\Windows\System32\taskeng.exe
2011-06-10 17:42:28 410112 ----a-w- C:\Windows\System32\taskcomp.dll
2011-06-10 17:42:25 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2011-06-10 17:42:25 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
2011-06-10 17:25:34 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D46A6282-A434-421D-9868-EFD4213FD3B2}\gapaengine.dll
2011-06-10 17:23:28 2621440 ----a-w- C:\Windows\System32\wucltux.dll
2011-06-10 17:22:50 87552 ----a-w- C:\Windows\SysWow64\wudriver.dll
2011-06-10 17:22:49 98816 ----a-w- C:\Windows\System32\wudriver.dll
2011-06-10 17:22:14 36864 ----a-w- C:\Windows\System32\wuapp.exe
2011-06-10 17:22:14 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2011-06-10 17:22:14 185416 ----a-w- C:\Windows\System32\wuwebv.dll
2011-06-10 17:22:14 171608 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2011-06-10 17:20:39 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-06-10 17:20:28 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-06-10 17:01:10 -------- d--h--w- C:\ProgramData\Common Files
2011-06-10 16:57:11 -------- d-----w- C:\Users\Owner\AppData\Local\Mil Incorporated
2011-06-10 16:56:39 -------- d-----w- C:\Program Files (x86)\Mil Incorporated
2011-06-10 16:54:18 -------- d-----w- C:\ProgramData\MFAData
2011-06-10 15:51:49 -------- d-----w- C:\Users\Owner\AppData\Local\Deployment
2011-06-10 15:51:49 -------- d-----w- C:\Users\Owner\AppData\Local\Apps
2011-06-10 05:29:45 -------- d-----w- C:\Program Files (x86)\Jetico
2011-06-09 21:42:28 -------- d-----w- C:\Windows\SysWow64\Data
2011-05-30 16:21:28 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2011-05-16 18:37:48 -------- d-----w- C:\Program Files (x86)\Yuna Software
.
==================== Find3M ====================
.
2011-06-03 06:51:14 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-06-03 06:51:14 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-03 06:43:28 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-05-13 10:02:51 58432 ----a-w- C:\Windows\System32\drivers\fsh.sys
2011-04-09 22:55:44 15453336 ----a-w- C:\Windows\SysWow64\xlive.dll
2011-04-09 22:55:42 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
2010-07-19 19:33:11 925080 ----a-w- C:\Program Files (x86)\HyCam2.exe
2010-07-09 16:48:00 132608 ----a-w- C:\Program Files (x86)\CamRes2.dll
2010-04-26 20:18:02 44032 ----a-w- C:\Program Files (x86)\MClick2.dll
2010-04-26 20:05:41 78248 ----a-w- C:\Program Files (x86)\UnHyCam2.exe
.
============= FINISH: 21:59:19.88 ===============

killza 0 Light Poster · Answer 4 · 2011-06-15T11:35:58+00:00

I couldn't remove click potato because it wasn't in the program files to uninstall

Here are the logs:

I ran the eset twice

eset log

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=1bcc7688f259784f82bbc2a0f047616d
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-14 10:31:09
# local_time=2011-06-14 06:31:09 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.0.6001 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 56 40577076 144656686 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=8449 16775165 100 97 41443457 56990168 0 0
# scanned=555192
# found=5
# cleaned=5
# scan_time=32689
C:\Users\Owner\AppData\Local\Temp\Update_0ac3.exe a variant of Win32/MessengerPlus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Owner\AppData\Local\Temp\Update_22ec.exe a variant of Win32/MessengerPlus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Owner\AppData\Local\Temp\Update_dfde.exe a variant of Win32/MessengerPlus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Owner\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\7d925698-7777c0a1 Java/Agent.CG trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Owner\Downloads\Programs\MsgPlusLive-481.exe a variant of Win32/Adware.CiDHelp application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=1bcc7688f259784f82bbc2a0f047616d
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-15 04:41:48
# local_time=2011-06-15 12:41:48 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.0.6001 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776574 100 56 40611369 144690979 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# compatibility_mode=8449 16775165 100 97 41477750 57024461 0 0
# scanned=553116
# found=0
# cleaned=0
# scan_time=20634

malware bytes log

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6851

Windows 6.0.6001 Service Pack 3
Internet Explorer 7.0.6001.18000

14/06/2011 9:10:08 AM
mbam-log-2011-06-14 (09-10-08).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 717453
Time elapsed: 3 hour(s), 17 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 19
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 10
Files Infected: 60

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C55CA95C-324B-451C-B2D2-6E895AA75FEC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.info (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4C08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ClickPotatoLiteAX.UserProfiles (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Value: ClickPotatoLite@ClickPotatoLite.com -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\programdata\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\Users\Owner\AppData\Roaming\clickpotatolite (Adware.ClickPotato) -> Delete on reboot.
c:\program files (x86)\clickpotatolite (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.668.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\paladin antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.

Files Infected:
c:\program files (x86)\clickpotatolite\bin\10.0.668.0\clickpotatolitesaax.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\Games\gta4\grand theft auto iv\launchgtaiv.exe (Risktool.Crack) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.1.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.2.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.3.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.4.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.5.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.6.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.7.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.8.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\cnvpe.fne.9.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.1.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.10.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.11.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.2.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.3.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.4.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.5.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.6.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.7.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.8.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\dp1.fne.9.000 (Worm.Autorun) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.1.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.10.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.11.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.2.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.3.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.4.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.5.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.6.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.7.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.8.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\htmlview.fne.9.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.1.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.10.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.11.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.2.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.3.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.4.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.5.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.6.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.7.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.8.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\Sophos\sophos anti-virus\INFECTED\internet.fne.9.000 (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaabout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesaeula.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa_hpk.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\clickpotatolitesa\clickpotatolitesa_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\program files (x86)\clickpotatolite\bin\10.0.668.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato customer support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\clickpotato\clickpotato uninstall instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\paladin antivirus\paladin antivirus support.lnk (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\paladin antivirus\paladin antivirus.lnk (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully.

DDS log
.
DDS (Ver_2011-06-12.02) - NTFSAMD64
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_23
Run by Owner at 1:31:49 on 2011-06-15
Microsoft® Windows Vista™ Home Premium 6.0.6001.3.1252.2.1033.18.4092.987 [GMT -4:00]
.
AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\vfsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Eraser\Eraser.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~2\Jetico\BCWipe\BCResident.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=ostpl
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyServer = 0.0.0.0:80
uInternet Settings,ProxyOverride = *.local;<local>
mSearchAssistant = hxxp://start.facemoods.com/?a=ostpl&s={searchTerms}&f=4
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: IplexToALLPlayer: {df925ef3-7a87-44e4-9caf-8d7b280bf616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
mRun: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe

killza 0 Light Poster · Answer 5 · 2011-06-15T11:36:24+00:00

DDS log continued

mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F3FBFDFA-C766-4C16-93C4-2DAE8BD4F202} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli DPPWDFLT
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
BHO-X64: facemoods Helper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: IplexToALLPlayer: {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
BHO-X64: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
BHO-X64: SMTTB2009 - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: HyperCam Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v62ldiv0.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ostpl
FF - component: C:\DepositFiles\Depositfiles Filemanager with FTP\Firefox\components\IDfXpCom.dll
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v62ldiv0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v62ldiv0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
user_pref(places.frecency.bookmarkVisitBonus,0);
user_pref(places.frecency.unvisitedBookmarkBonus,0);
user_pref(browser.startup.homepage,hxxp://start.facemoods.com/?a=ostpl);
user_pref(browser.startup.page,1);
user_pref(browser.search.defaultenginename,Facemoods Search);
user_pref(browser.download.lastDir,C:\\Users\\Owner\\Documents\\Desktop\\);
.
============= SERVICES / DRIVERS ===============
.
R0 fsh;fsh;C:\Windows\system32\drivers\fsh.sys --> C:\Windows\system32\drivers\fsh.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 nltdi;nltdi;\??\C:\Windows\system32\drivers\nltdi.sys --> C:\Windows\system32\drivers\nltdi.sys [?]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe [?]
R2 BCWipeSvc;BCWipe service;C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe [2011-3-28 95544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-5-25 2275720]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-2-20 366640]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2008-11-7 365952]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2009-8-22 172032]
R2 vfsFPService;Validity Fingerprint Service;C:\Windows\System32\vfsFPService.exe [2008-9-16 599344]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-9 493248]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\system32\DRIVERS\point64k.sys --> C:\Windows\system32\DRIVERS\point64k.sys [?]
R3 vfs101a;vfs101a;C:\Windows\system32\drivers\vfs101a.sys --> C:\Windows\system32\drivers\vfs101a.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-7 193840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;C:\Windows\System32\drivers\libusb0.sys [2009-7-13 28672]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw3v64.sys --> C:\Windows\system32\DRIVERS\NETw3v64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-6-14 93184]
.
=============== File Associations ===============
.
.reg=Regedit.Document
.
=============== Created Last 30 ================
.
2011-06-15 04:44:46 14744 ----a-w- C:\Users\Owner\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2011-06-14 13:20:30 -------- d-----w- C:\Program Files (x86)\ESET
2011-06-14 04:22:05 -------- d-----w- C:\Users\Owner\AppData\Local\AOL
2011-06-14 04:22:05 -------- d-----w- C:\Users\Owner\AppData\Local\AIM
2011-06-14 01:54:59 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{67C039F4-8C1D-474C-A782-FD6FEEFBCAD0}\mpengine.dll
2011-06-12 03:57:58 -------- d-----w- C:\Program Files (x86)\eSupport.com
2011-06-11 18:46:56 442368 ----a-w- C:\Windows\System32\winhttp.dll
2011-06-11 18:46:56 378368 ----a-w- C:\Windows\SysWow64\winhttp.dll
2011-06-11 18:46:31 33280 ----a-w- C:\Windows\System32\drivers\fr-FR\http.sys.mui
2011-06-11 18:46:31 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2011-06-11 18:45:40 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2011-06-11 18:45:38 12288 ----a-w- C:\Windows\System32\sscore.dll
2011-06-11 18:45:37 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2011-06-11 18:45:37 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2011-06-11 18:45:37 17920 ----a-w- C:\Windows\System32\netevent.dll
2011-06-11 18:40:51 8718160 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-11 18:38:06 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2011-06-11 18:38:06 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2011-06-11 18:38:05 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2011-06-11 18:38:04 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
2011-06-11 10:03:47 -------- d-----w- C:\Users\Owner\AppData\Local\Eraser 6
2011-06-11 09:42:44 316416 ----a-w- C:\Windows\System32\msshsq.dll
2011-06-11 09:42:44 231936 ----a-w- C:\Windows\SysWow64\msshsq.dll
2011-06-11 08:54:05 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-06-11 08:37:47 32768 ----a-w- C:\Windows\System32\nshhttp.dll
2011-06-11 08:37:47 24064 ----a-w- C:\Windows\SysWow64\nshhttp.dll
2011-06-11 08:37:37 610304 ----a-w- C:\Windows\System32\drivers\http.sys
2011-06-11 08:37:34 33792 ----a-w- C:\Windows\System32\httpapi.dll
2011-06-11 08:37:33 31232 ----a-w- C:\Windows\SysWow64\httpapi.dll
2011-06-11 07:47:26 101376 ----a-w- C:\Windows\System32\MSNP.ax
2011-06-11 07:47:25 80896 ----a-w- C:\Windows\SysWow64\MSNP.ax
2011-06-11 07:47:18 375808 ----a-w- C:\Windows\System32\psisdecd.dll
2011-06-11 07:47:18 293376 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-06-11 07:47:16 217088 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-06-11 07:47:15 289792 ----a-w- C:\Windows\System32\psisrndr.ax
2011-06-11 07:44:08 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-06-11 07:44:08 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-06-11 07:44:08 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-06-11 07:44:08 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-06-11 07:44:07 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-06-11 07:44:07 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-06-11 07:44:07 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-06-11 07:44:07 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-06-11 07:44:07 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-06-11 07:44:07 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-06-11 07:32:19 2048 ----a-w- C:\Windows\SysWow64\winrsmgr.dll
2011-06-11 07:32:19 2048 ----a-w- C:\Windows\System32\winrsmgr.dll
2011-06-11 07:32:15 13312 ----a-w- C:\Windows\System32\wsmplpxy.dll
2011-06-11 07:32:15 13312 ----a-w- C:\Windows\System32\winrssrv.dll
2011-06-11 07:30:33 201184 ----a-w- C:\Windows\SysWow64\winrm.vbs
2011-06-11 03:30:03 -------- d-----w- C:\Program Files\Eraser
2011-06-10 21:02:17 -------- d-----w- C:\Users\Owner\AppData\Local\CrashDumps
2011-06-10 18:41:24 343040 ----a-w- C:\Windows\System32\schannel.dll
2011-06-10 18:41:24 274432 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-06-10 18:40:48 1486848 ----a-w- C:\Program Files\Windows Media Player\setup_wm.exe
2011-06-10 18:40:48 1418752 ----a-w- C:\Program Files (x86)\Windows Media Player\setup_wm.exe
2011-06-10 18:40:47 372736 ----a-w- C:\Windows\System32\unregmp2.exe
2011-06-10 18:40:46 310784 ----a-w- C:\Windows\SysWow64\unregmp2.exe
2011-06-10 18:39:32 1420176 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-10 18:39:23 408064 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2011-06-10 18:39:23 1923584 ----a-w- C:\Windows\System32\ole32.dll

killza 0 Light Poster · Answer 6 · 2011-06-15T11:36:42+00:00

DDS log continued

2011-06-10 18:39:23 1315840 ----a-w- C:\Windows\SysWow64\ole32.dll
2011-06-10 18:39:22 339968 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2011-06-10 18:39:17 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2011-06-10 18:39:17 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2011-06-10 18:39:14 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-06-10 18:39:13 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-06-10 18:39:13 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-06-10 18:37:57 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2011-06-10 18:37:57 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2011-06-10 18:37:52 267776 ----a-w- C:\Windows\System32\spoolsv.exe
2011-06-10 18:37:49 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-06-10 18:37:43 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2011-06-10 18:37:43 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2011-06-10 18:37:37 1794560 ----a-w- C:\Windows\System32\msxml6.dll
2011-06-10 18:37:35 1399296 ----a-w- C:\Windows\SysWow64\msxml6.dll
2011-06-10 18:36:59 171008 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2011-06-10 18:36:59 168960 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2011-06-10 18:36:56 8147968 ----a-w- C:\Windows\System32\wmploc.DLL
2011-06-10 18:36:56 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2011-06-10 18:32:46 2760704 ----a-w- C:\Windows\System32\win32k.sys
2011-06-10 18:32:36 2424320 ----a-w- C:\Windows\System32\mstscax.dll
2011-06-10 18:32:33 2067456 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-06-10 18:32:32 730624 ----a-w- C:\Windows\System32\mstsc.exe
2011-06-10 18:32:32 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-06-10 18:32:26 82944 ----a-w- C:\Windows\System32\msasn1.dll
2011-06-10 18:32:26 61440 ----a-w- C:\Windows\SysWow64\msasn1.dll
2011-06-10 18:30:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-06-10 18:30:46 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-06-10 18:29:23 72192 ----a-w- C:\Windows\System32\l3codeca.acm
2011-06-10 18:29:23 62464 ----a-w- C:\Windows\SysWow64\l3codeca.acm
2011-06-10 18:29:16 622080 ----a-w- C:\Windows\System32\usp10.dll
2011-06-10 18:29:16 501760 ----a-w- C:\Windows\SysWow64\usp10.dll
2011-06-10 18:28:54 1360384 ----a-w- C:\Windows\System32\mfc42u.dll
2011-06-10 18:28:50 1398784 ----a-w- C:\Windows\System32\mfc42.dll
2011-06-10 18:28:49 1136640 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-06-10 18:28:47 1161728 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-06-10 18:28:38 117760 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-06-10 18:28:37 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-06-10 18:28:37 25088 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-06-10 18:28:32 1090048 ----a-w- C:\Windows\System32\wmpmde.dll
2011-06-10 18:28:31 866816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2011-06-10 18:08:58 218112 ----a-w- C:\Windows\System32\wintrust.dll
2011-06-10 18:08:58 171520 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-06-10 18:07:54 98304 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-06-10 18:07:54 104960 ----a-w- C:\Windows\System32\cabview.dll
2011-06-10 17:42:32 854528 ----a-w- C:\Windows\System32\schedsvc.dll
2011-06-10 17:42:31 655872 ----a-w- C:\Windows\System32\taskschd.dll
2011-06-10 17:42:30 499712 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-06-10 17:42:30 357376 ----a-w- C:\Windows\SysWow64\taskschd.dll
2011-06-10 17:42:29 267776 ----a-w- C:\Windows\System32\taskeng.exe
2011-06-10 17:42:28 410112 ----a-w- C:\Windows\System32\taskcomp.dll
2011-06-10 17:42:25 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2011-06-10 17:42:25 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
2011-06-10 17:25:34 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D46A6282-A434-421D-9868-EFD4213FD3B2}\gapaengine.dll
2011-06-10 17:23:28 2621440 ----a-w- C:\Windows\System32\wucltux.dll
2011-06-10 17:22:50 87552 ----a-w- C:\Windows\SysWow64\wudriver.dll
2011-06-10 17:22:49 98816 ----a-w- C:\Windows\System32\wudriver.dll
2011-06-10 17:22:14 36864 ----a-w- C:\Windows\System32\wuapp.exe
2011-06-10 17:22:14 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2011-06-10 17:22:14 185416 ----a-w- C:\Windows\System32\wuwebv.dll
2011-06-10 17:22:14 171608 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2011-06-10 17:20:39 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-06-10 17:20:28 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-06-10 17:01:10 -------- d--h--w- C:\ProgramData\Common Files
2011-06-10 16:57:11 -------- d-----w- C:\Users\Owner\AppData\Local\Mil Incorporated
2011-06-10 16:56:39 -------- d-----w- C:\Program Files (x86)\Mil Incorporated
2011-06-10 16:54:18 -------- d-----w- C:\ProgramData\MFAData
2011-06-10 15:51:49 -------- d-----w- C:\Users\Owner\AppData\Local\Deployment
2011-06-10 15:51:49 -------- d-----w- C:\Users\Owner\AppData\Local\Apps
2011-06-10 05:29:45 -------- d-----w- C:\Program Files (x86)\Jetico
2011-06-09 21:42:28 -------- d-----w- C:\Windows\SysWow64\Data
2011-05-30 16:21:28 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2011-05-16 18:37:48 -------- d-----w- C:\Program Files (x86)\Yuna Software
.
==================== Find3M ====================
.
2011-06-03 06:51:14 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-06-03 06:51:14 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-03 06:43:28 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-05-29 13:11:30 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-29 13:11:20 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-13 10:02:51 58432 ----a-w- C:\Windows\System32\drivers\fsh.sys
2011-04-09 22:55:44 15453336 ----a-w- C:\Windows\SysWow64\xlive.dll
2011-04-09 22:55:42 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
2010-07-19 19:33:11 925080 ----a-w- C:\Program Files (x86)\HyCam2.exe
2010-07-09 16:48:00 132608 ----a-w- C:\Program Files (x86)\CamRes2.dll
2010-04-26 20:18:02 44032 ----a-w- C:\Program Files (x86)\MClick2.dll
2010-04-26 20:05:41 78248 ----a-w- C:\Program Files (x86)\UnHyCam2.exe
.
============= FINISH: 1:32:59.67 ===============

killza 0 Light Poster · Answer 7 · 2011-06-15T11:36:57+00:00

attach log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 17/05/2009 7:35:07 AM
System Uptime: 14/06/2011 9:12:26 AM (16 hours ago)
.
Motherboard: Quanta | | 361B
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz | CPU | 2133/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 36.662 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.937 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0001
Service: vpnva
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: AMD Low Level Device Driver
Device ID: ROOT\SYSTEM\0003
Manufacturer: Advanced Micro Devices
Name: AMD Low Level Device Driver
PNP Device ID: ROOT\SYSTEM\0003
Service: AmdLLD64
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Apple Mobile Device USB Driver
Device ID: ROOT\UNKNOWN\0000
Manufacturer: Apple, Inc.
Name: Apple Mobile Device USB Driver
PNP Device ID: ROOT\UNKNOWN\0000
Service: USBAAPL64
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Apple Mobile Device USB Driver
Device ID: ROOT\UNKNOWN\0001
Manufacturer: Apple, Inc.
Name: Apple Mobile Device USB Driver
PNP Device ID: ROOT\UNKNOWN\0001
Service: USBAAPL64
.
==== System Restore Points ===================
.
RP1085: 14/06/2011 7:06:06 PM - Removed Sophos Anti-Virus
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Adobe Shockwave Player 11.5
AIM 7
Alien Swarm
Apple Application Support
Apple Software Update
Audiosurf
Baseball Mogul 2011
Baseball Mogul 2011 Patch from 1305 to 1308
Battlefield: Bad Company 2
BCWipe 5.0
Beat Hazard
Borderlands
Burnout(TM) Paradise The Ultimate Box
Call of Duty(R) 2
Cisco AnyConnect VPN Client
Combined Community Codec Pack 2008-09-21 16:18
Command and Conquer: Red Alert 3
Compatibility Pack for the 2007 Office system
CopyTrans Suite Remove Only
Counter-Strike: Source
CSS FULL DZ [Oct 15 2007] v18.1
CyberLink DVD Suite
DAEMON Tools Toolbar
DC++ 0.750
Defense Grid: The Awakening
DepositFiles FileManager with FTP 0.9.9.163
DivX Setup
DjVuLibre+DjView
Download Updater (AOL LLC)
Dual-Core Optimizer
erLT
ESET Online Scanner v3
ESU for Microsoft Vista
eSupport UndeletePlus 3.0.2.406
F1 2010
Facemoods Toolbar
Fallout 3
foldit
Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
Google Chrome
Google Earth Plug-in
Google Update Helper
GrabIt 1.7.2 Beta 4 (build 997)
Grand Theft Auto IV
Half-Life 2
Half-Life 2: Episode One
Hearts of Iron III
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Help and Support
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart Webcam
HP Quick Launch Buttons 6.40 H2
HP Update
HP User Guides 0115
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPTCSSetup
HyperCam 2
HyperCam Toolbar
I-Doser 4.50
IBM SPSS Statistics 19
IDT Audio
iPhone Configuration Utility
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) 6 Update 7
JDownloader
JMicron JMB38X Flash Media Controller
Junk Mail filter update
K-Lite Codec Pack 4.0.0 (Full)
LabelPrint
Left 4 Dead 2
LightScribe System Software 1.14.17.1
LimeWire 5.4.6
Logitech SetPoint
LogMeIn Hamachi
Malwarebytes' Anti-Malware version 1.51.0.1200
Matroska Pack
Messenger Plus! 5
Messenger Plus! Live
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 4.0 (x86 en-US)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
muvee Reveal
My HP Games
NetLimiter 2 Pro (remove only)
NetZero Preloader
Norton Security Scan
NVIDIA PhysX
OpenAL
OpenSubtitlesPlayer V4.X
PASW Statistics Student Version 18.0
PC Connectivity Solution
PDFCreator
PokerStars.net
Portal
Power2Go
PowerDirector
PowerISO
PunkBuster Services
QuickFreedom 1.2.0
QuickTime
Rapture3D 2.4.4 Game
RCT3 Soaked
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
Restaurant Empire 2
Rockstar Games Social Club
RollerCoaster Tycoon® 3
SamsungConnectivityCableDriver
SecondLifeViewer2 (remove only)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sid Meier's Civilization IV
Sid Meier's Civilization IV: Beyond the Sword
Sid Meier's Civilization IV: Warlords
SimCity 4 Deluxe
SimpleOCR 3.1
Skype™ 5.1
Sophos AutoUpdate
Starcraft
StarCraft II Beta
Steam
Team Fortress 2
The Elder Scrolls IV: Oblivion - Game of the Year Edition
The Sims™ 3
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 World Adventures
Torchlight
Trine
Trine Demo
Tropico 3 - Steam Special Edition
TVAnts 1.0
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
VC80CRTRedist - 8.0.50727.4053
Virtual Villagers 3 - The Secret City
VLC media player 1.0.5
Warhammer 40,000: Dawn of War
Warhammer 40,000: Dawn of War - Dark Crusade
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Yahoo! Messenger
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
09/06/2011 9:53:15 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.31 for the Network Card with network address 0022FA4D6DC8 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
09/06/2011 3:07:45 PM, Error: EventLog [6008] - The previous system shutdown at 11:07:45 AM on 09/06/2011 was unexpected.
09/06/2011 12:36:57 AM, Error: EventLog [6008] - The previous system shutdown at 12:20:21 AM on 09/06/2011 was unexpected.
08/06/2011 3:13:49 AM, Error: SAVOnAccess [81] -
08/06/2011 2:45:33 PM, Error: Microsoft-Windows-LanguagePackSetup [1003] - CBS error 0x800f0825 reported while operating on UI Language Pack for fr-FR
08/06/2011 2:30:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vpnagent service.
.
==== End Of File ===========================

killza 0 Light Poster · Answer 8 · 2011-06-24T01:31:36+00:00

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6923

Windows 6.0.6001 Service Pack 3
Internet Explorer 7.0.6001.18000

23/06/2011 4:51:23 AM
mbam-log-2011-06-23 (04-51-23).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 704582
Time elapsed: 2 hour(s), 55 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I think I might've encountered a new problem though, it seems as if someone somehow changed the name of my google chrome to "what what" (it still functions the same). I'm not sure if I did this unconsciously or if someone actually hacked into my computer and changed it. How should I go about this?

killza 0 Light Poster · Answer 9 · 2011-06-24T02:13:48+00:00

Yes, I did use the SAS and deleted everything it found, unforunately, I don't know where the log file is.

Here is the attach log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 17/05/2009 7:35:07 AM
System Uptime: 22/06/2011 2:14:51 PM (26 hours ago)
.
Motherboard: Quanta | | 361B
Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz | CPU | 2133/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 29.84 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.937 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0001
Service: vpnva
.
Class GUID: {4d36e97d-e325-11ce-bfc1-08002be10318}
Description: AMD Low Level Device Driver
Device ID: ROOT\SYSTEM\0003
Manufacturer: Advanced Micro Devices
Name: AMD Low Level Device Driver
PNP Device ID: ROOT\SYSTEM\0003
Service: AmdLLD64
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Apple Mobile Device USB Driver
Device ID: ROOT\UNKNOWN\0000
Manufacturer: Apple, Inc.
Name: Apple Mobile Device USB Driver
PNP Device ID: ROOT\UNKNOWN\0000
Service: USBAAPL64
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Apple Mobile Device USB Driver
Device ID: ROOT\UNKNOWN\0001
Manufacturer: Apple, Inc.
Name: Apple Mobile Device USB Driver
PNP Device ID: ROOT\UNKNOWN\0001
Service: USBAAPL64
.
==== System Restore Points ===================
.
RP1105: 22/06/2011 2:29:41 PM - Windows Update
RP1106: 22/06/2011 2:32:56 PM - Language Pack Removal
RP1107: 22/06/2011 8:52:44 PM - Installed Java(TM) 6 Update 26
RP1108: 23/06/2011 1:36:28 AM - Removed Eraser 6.0.8.2273
RP1109: 23/06/2011 1:51:24 AM - Removed Eraser 6.0.8.2273
RP1110: 23/06/2011 2:21:57 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.3
Adobe Shockwave Player 11.5
AIM 7
Alien Swarm
Apple Application Support
Apple Software Update
Audiosurf
Baseball Mogul 2011
Baseball Mogul 2011 Patch from 1305 to 1308
Battlefield: Bad Company 2
BCWipe 5.0
Beat Hazard
Borderlands
Burnout(TM) Paradise The Ultimate Box
Call of Duty(R) 2
Cisco AnyConnect VPN Client
Combined Community Codec Pack 2008-09-21 16:18
Command and Conquer: Red Alert 3
Compatibility Pack for the 2007 Office system
CopyTrans Suite Remove Only
Counter-Strike: Source
CSS FULL DZ [Oct 15 2007] v18.1
CyberLink DVD Suite
DAEMON Tools Toolbar
DC++ 0.750
Defense Grid: The Awakening
DepositFiles FileManager with FTP 0.9.9.163
DivX Setup
DjVuLibre+DjView
Download Updater (AOL LLC)
Dual-Core Optimizer
erLT
ESET Online Scanner v3
ESU for Microsoft Vista
eSupport UndeletePlus 3.0.2.406
F1 2010
Fallout 3
foldit
Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8
Google Chrome
Google Earth Plug-in
Google Update Helper
GrabIt 1.7.2 Beta 4 (build 997)
Grand Theft Auto IV
Guitar Pro 5.2
Half-Life 2
Half-Life 2: Episode One
Hearts of Iron III
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Help and Support
HP MediaSmart DVD
HP MediaSmart Music/Photo/Video
HP MediaSmart Webcam
HP Quick Launch Buttons 6.40 H2
HP Update
HP User Guides 0115
HP Wireless Assistant
HPAsset component for HP Active Support Library
HPTCSSetup
HyperCam 2
HyperCam Toolbar
I-Doser 4.50
IBM SPSS Statistics 19
IDT Audio
iPhone Configuration Utility
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) 6 Update 7
JDownloader
JMicron JMB38X Flash Media Controller
Junk Mail filter update
K-Lite Codec Pack 4.0.0 (Full)
LabelPrint
Left 4 Dead 2
LightScribe System Software 1.14.17.1
LimeWire 5.4.6
Logitech SetPoint
LogMeIn Hamachi
Malwarebytes' Anti-Malware version 1.51.0.1200
Matroska Pack
Messenger Plus! 5
Messenger Plus! Live
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Live Search Toolbar
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft WSE 3.0 Runtime
Mozilla Firefox 4.0 (x86 en-US)
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
muvee Reveal
My HP Games
NetLimiter 2 Pro (remove only)
NetZero Preloader
Norton Security Scan
NVIDIA PhysX
OpenAL
OpenSubtitlesPlayer V4.X
PASW Statistics Student Version 18.0
PC Connectivity Solution
PDFCreator
PokerStars.net
Portal
Power2Go
PowerDirector
PowerISO
PunkBuster Services
QuickFreedom 1.2.0
QuickTime
Rapture3D 2.4.4 Game
RCT3 Soaked
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
Restaurant Empire 2
Rockstar Games Social Club
RollerCoaster Tycoon® 3
SamsungConnectivityCableDriver
SecondLifeViewer2 (remove only)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Office 2007 System (KB2541012)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2541007)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sid Meier's Civilization IV
Sid Meier's Civilization IV: Beyond the Sword
Sid Meier's Civilization IV: Warlords
SimCity 4 Deluxe
SimpleOCR 3.1
Skype™ 5.1
Sophos AutoUpdate
Starcraft
StarCraft II Beta
Steam
Team Fortress 2
The Elder Scrolls IV: Oblivion - Game of the Year Edition
The Sims™ 3
The Sims™ 3 High-End Loft Stuff
The Sims™ 3 World Adventures
Torchlight
Trine
Trine Demo
Tropico 3 - Steam Special Edition
TVAnts 1.0
Unity Web Player
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
VC80CRTRedist - 8.0.50727.4053
Virtual Villagers 3 - The Secret City
VLC media player 1.0.5
Warhammer 40,000: Dawn of War
Warhammer 40,000: Dawn of War - Dark Crusade
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
Yahoo! Messenger
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
23/06/2011 2:22:54 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
22/06/2011 2:31:59 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
22/06/2011 2:15:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
22/06/2011 2:15:45 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
22/06/2011 1:43:00 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
22/06/2011 1:43:00 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
21/06/2011 1:29:07 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.2367.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
20/06/2011 1:37:25 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
20/06/2011 1:26:44 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.31 for the Network Card with network address 0022FA4D6DC8 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
20/06/2011 1:23:28 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
20/06/2011 1:23:28 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
19/06/2011 3:34:21 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
19/06/2011 3:34:21 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
19/06/2011 2:11:38 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
18/06/2011 2:11:18 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
18/06/2011 1:59:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
18/06/2011 1:59:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
17/06/2011 3:15:04 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
17/06/2011 3:15:04 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
17/06/2011 3:15:03 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
17/06/2011 12:57:26 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
17/06/2011 12:57:26 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
17/06/2011 1:12:10 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
16/06/2011 9:06:56 AM, Error: Microsoft-Windows-LanguagePackSetup [1003] - CBS error 0x800f0825 reported while operating on UI Language Pack for fr-FR
16/06/2011 8:52:56 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Network Inspection System Error Code: 0x8007042c Error description: The dependency service or group failed to start. Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
16/06/2011 8:52:56 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
16/06/2011 8:51:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the vpnagent service.
.
==== End Of File ===========================

killza 0 Light Poster · Answer 10 · 2011-06-24T02:15:14+00:00

DDS log:

.
DDS (Ver_2011-06-12.02) - NTFSAMD64
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_26
Run by Owner at 16:09:01 on 2011-06-23
Microsoft® Windows Vista™ Home Premium 6.0.6001.3.1252.2.1033.18.4092.918 [GMT -4:00]
.
AV: Sophos Anti-Virus *Enabled/Updated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Enabled/Updated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\PROGRA~2\Jetico\BCWipe\BCResident.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\conime.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=ostpl
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyServer = 0.0.0.0:80
uInternet Settings,ProxyOverride = *.local;<local>
mSearchAssistant = hxxp://start.facemoods.com/?a=ostpl&s={searchTerms}&f=4
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: IplexToALLPlayer: {df925ef3-7a87-44e4-9caf-8d7b280bf616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [ALLUpdate] "C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe" "sleep"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4A77858C-E990-428A-BD1E-B3066E16C603} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{F3FBFDFA-C766-4C16-93C4-2DAE8BD4F202} : DhcpNameServer = 192.168.0.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli DPPWDFLT
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: IplexToALLPlayer: {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\OPENSU~1\Iplex\IPLEXT~1.DLL
BHO-X64: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
BHO-X64: SMTTB2009 - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: HyperCam Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\HyperCam Toolbar\tbcore3.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun-x64: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun-x64: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

killza 0 Light Poster · Answer 11 · 2011-06-24T02:15:29+00:00

continued

.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v62ldiv0.default\
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=ostpl
FF - component: C:\DepositFiles\Depositfiles Filemanager with FTP\Firefox\components\IDfXpCom.dll
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v62ldiv0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\v62ldiv0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
user_pref(places.frecency.bookmarkVisitBonus,0);
user_pref(places.frecency.unvisitedBookmarkBonus,0);
user_pref(browser.startup.homepage,hxxp://start.facemoods.com/?a=ostpl);
user_pref(browser.startup.page,1);
user_pref(browser.search.defaultenginename,Facemoods Search);
user_pref(browser.download.lastDir,C:\\Users\\Owner\\Documents\\Desktop\\);
.
============= SERVICES / DRIVERS ===============
.
R0 fsh;fsh;C:\Windows\system32\drivers\fsh.sys --> C:\Windows\system32\drivers\fsh.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 nltdi;nltdi;\??\C:\Windows\system32\drivers\nltdi.sys --> C:\Windows\system32\drivers\nltdi.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-5-4 128384]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe [?]
R2 BCWipeSvc;BCWipe service;C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe [2011-3-28 95544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-5-25 2275720]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-2-20 366640]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2008-11-7 365952]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [2009-8-22 172032]
R2 vfsFPService;Validity Fingerprint Service;C:\Windows\System32\vfsFPService.exe [2008-9-16 599344]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-10-9 493248]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 vfs101a;vfs101a;C:\Windows\system32\drivers\vfs101a.sys --> C:\Windows\system32\drivers\vfs101a.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-7 193840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-18 135664]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;C:\Windows\System32\drivers\libusb0.sys [2009-7-13 28672]
S3 NETw3v64;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw3v64.sys --> C:\Windows\system32\DRIVERS\NETw3v64.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\system32\DRIVERS\point64k.sys --> C:\Windows\system32\DRIVERS\point64k.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-6-14 93184]
.
=============== File Associations ===============
.
.reg=Regedit.Document
.
=============== Created Last 30 ================
.
2011-06-23 18:22:08 8873296 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3716C472-BA37-4144-B379-CFCFF730E292}\mpengine.dll
2011-06-23 01:13:31 -------- d-----w- C:\Program Files (x86)\Guitar Pro 5
2011-06-21 16:17:30 -------- d-----w- C:\Users\Owner\AppData\Local\Apple Computer
2011-06-21 05:29:00 -------- d-----w- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2011-06-21 05:29:00 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-06-21 05:28:42 -------- d-----w- C:\ProgramData\!SASCORE
2011-06-21 05:28:38 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-06-18 18:09:25 -------- d-----w- C:\Users\Owner\AppData\Local\Apple
2011-06-16 17:24:59 833024 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-06-15 06:21:56 -------- d-----w- C:\Users\Owner\AppData\Roaming\Unity
2011-06-15 06:17:20 -------- d-----w- C:\Users\Owner\AppData\Local\Unity
2011-06-15 04:44:46 14744 ----a-w- C:\Users\Owner\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2011-06-14 13:20:30 -------- d-----w- C:\Program Files (x86)\ESET
2011-06-14 04:22:05 -------- d-----w- C:\Users\Owner\AppData\Local\AOL
2011-06-14 04:22:05 -------- d-----w- C:\Users\Owner\AppData\Local\AIM
2011-06-12 03:57:58 -------- d-----w- C:\Program Files (x86)\eSupport.com
2011-06-11 18:46:56 442368 ----a-w- C:\Windows\System32\winhttp.dll
2011-06-11 18:46:56 378368 ----a-w- C:\Windows\SysWow64\winhttp.dll
2011-06-11 18:46:31 33280 ----a-w- C:\Windows\System32\drivers\fr-FR\http.sys.mui
2011-06-11 18:46:31 28160 ----a-w- C:\Windows\System32\drivers\en-US\http.sys.mui
2011-06-11 18:45:40 179712 ----a-w- C:\Windows\System32\srvsvc.dll
2011-06-11 18:45:38 12288 ----a-w- C:\Windows\System32\sscore.dll
2011-06-11 18:45:37 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2011-06-11 18:45:37 17920 ----a-w- C:\Windows\SysWow64\netevent.dll
2011-06-11 18:45:37 17920 ----a-w- C:\Windows\System32\netevent.dll
2011-06-11 18:40:51 8873296 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-06-11 18:38:06 32256 ----a-w- C:\Windows\System32\Apphlpdm.dll
2011-06-11 18:38:06 28672 ----a-w- C:\Windows\SysWow64\Apphlpdm.dll
2011-06-11 18:38:05 4240384 ----a-w- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
2011-06-11 18:38:04 4240384 ----a-w- C:\Windows\System32\GameUXLegacyGDFs.dll
2011-06-11 10:03:47 -------- d-----w- C:\Users\Owner\AppData\Local\Eraser 6
2011-06-11 09:42:44 316416 ----a-w- C:\Windows\System32\msshsq.dll
2011-06-11 09:42:44 231936 ----a-w- C:\Windows\SysWow64\msshsq.dll
2011-06-11 08:54:05 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2011-06-11 08:37:47 32768 ----a-w- C:\Windows\System32\nshhttp.dll
2011-06-11 08:37:47 24064 ----a-w- C:\Windows\SysWow64\nshhttp.dll
2011-06-11 08:37:37 610304 ----a-w- C:\Windows\System32\drivers\http.sys
2011-06-11 08:37:34 33792 ----a-w- C:\Windows\System32\httpapi.dll
2011-06-11 08:37:33 31232 ----a-w- C:\Windows\SysWow64\httpapi.dll
2011-06-11 07:47:26 101376 ----a-w- C:\Windows\System32\MSNP.ax
2011-06-11 07:47:25 80896 ----a-w- C:\Windows\SysWow64\MSNP.ax
2011-06-11 07:47:18 375808 ----a-w- C:\Windows\System32\psisdecd.dll
2011-06-11 07:47:18 293376 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-06-11 07:47:16 217088 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-06-11 07:47:15 289792 ----a-w- C:\Windows\System32\psisrndr.ax
2011-06-11 07:44:08 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-06-11 07:44:08 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-06-11 07:44:08 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-06-11 07:44:08 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-06-11 07:44:07 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-06-11 07:44:07 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-06-11 07:44:07 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-06-11 07:44:07 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-06-11 07:44:07 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-06-11 07:44:07 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-06-11 07:32:19 2048 ----a-w- C:\Windows\SysWow64\winrsmgr.dll
2011-06-11 07:32:19 2048 ----a-w- C:\Windows\System32\winrsmgr.dll
2011-06-11 07:32:15 13312 ----a-w- C:\Windows\System32\wsmplpxy.dll
2011-06-11 07:32:15 13312 ----a-w- C:\Windows\System32\winrssrv.dll
2011-06-11 07:30:33 201184 ----a-w- C:\Windows\SysWow64\winrm.vbs
2011-06-10 21:02:17 -------- d-----w- C:\Users\Owner\AppData\Local\CrashDumps
2011-06-10 18:41:24 343040 ----a-w- C:\Windows\System32\schannel.dll
2011-06-10 18:41:24 274432 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-06-10 18:40:48 1486848 ----a-w- C:\Program Files\Windows Media Player\setup_wm.exe
2011-06-10 18:40:48 1418752 ----a-w- C:\Program Files (x86)\Windows Media Player\setup_wm.exe
2011-06-10 18:40:47 372736 ----a-w- C:\Windows\System32\unregmp2.exe
2011-06-10 18:40:46 310784 ----a-w- C:\Windows\SysWow64\unregmp2.exe
2011-06-10 18:39:32 1420176 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-10 18:39:23 408064 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2011-06-10 18:39:23 1923584 ----a-w- C:\Windows\System32\ole32.dll
2011-06-10 18:39:23 1315840 ----a-w- C:\Windows\SysWow64\ole32.dll
2011-06-10 18:39:22 339968 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
2011-06-10 18:39:17 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2011-06-10 18:39:17 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2011-06-10 18:39:14 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-06-10 18:37:57 317952 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2011-06-10 18:37:57 295424 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2011-06-10 18:37:52 267776 ----a-w- C:\Windows\System32\spoolsv.exe
2011-06-10 18:37:49 81920 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-06-10 18:37:37 1794560 ----a-w- C:\Windows\System32\msxml6.dll
2011-06-10 18:37:35 1399296 ----a-w- C:\Windows\SysWow64\msxml6.dll
2011-06-10 18:36:59 171008 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2011-06-10 18:36:59 168960 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2011-06-10 18:36:56 8147968 ----a-w- C:\Windows\System32\wmploc.DLL
2011-06-10 18:36:56 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2011-06-10 18:34:54 32768 ----a-w- C:\Windows\System32\ieUnatt.exe
2011-06-10 18:32:36 2424320 ----a-w- C:\Windows\System32\mstscax.dll
2011-06-10 18:32:33 2067456 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-06-10 18:32:32 730624 ----a-w- C:\Windows\System32\mstsc.exe
2011-06-10 18:32:32 677888 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-06-10 18:32:26 82944 ----a-w- C:\Windows\System32\msasn1.dll
2011-06-10 18:32:26 61440 ----a-w- C:\Windows\SysWow64\msasn1.dll
2011-06-10 18:30:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-06-10 18:30:46 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-06-10 18:29:23 72192 ----a-w- C:\Windows\System32\l3codeca.acm
2011-06-10 18:29:23 62464 ----a-w- C:\Windows\SysWow64\l3codeca.acm
2011-06-10 18:29:16 622080 ----a-w- C:\Windows\System32\usp10.dll
2011-06-10 18:29:16 501760 ----a-w- C:\Windows\SysWow64\usp10.dll
2011-06-10 18:28:54 1360384 ----a-w- C:\Windows\System32\mfc42u.dll
2011-06-10 18:28:50 1398784 ----a-w- C:\Windows\System32\mfc42.dll
2011-06-10 18:28:49 1136640 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-06-10 18:28:47 1161728 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-06-10 18:28:38 117760 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-06-10 18:28:37 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-06-10 18:28:37 25088 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-06-10 18:28:32 1090048 ----a-w- C:\Windows\System32\wmpmde.dll
2011-06-10 18:28:31 866816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2011-06-10 18:08:58 218112 ----a-w- C:\Windows\System32\wintrust.dll
2011-06-10 18:08:58 171520 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-06-10 18:07:54 98304 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-06-10 18:07:54 104960 ----a-w- C:\Windows\System32\cabview.dll
2011-06-10 17:42:32 854528 ----a-w- C:\Windows\System32\schedsvc.dll
2011-06-10 17:42:31 655872 ----a-w- C:\Windows\System32\taskschd.dll
2011-06-10 17:42:30 499712 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-06-10 17:42:30 357376 ----a-w- C:\Windows\SysWow64\taskschd.dll
2011-06-10 17:42:29 267776 ----a-w- C:\Windows\System32\taskeng.exe
2011-06-10 17:42:28 410112 ----a-w- C:\Windows\System32\taskcomp.dll
2011-06-10 17:42:25 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2011-06-10 17:42:25 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
2011-06-10 17:25:34 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D46A6282-A434-421D-9868-EFD4213FD3B2}\gapaengine.dll
2011-06-10 17:23:28 2621440 ----a-w- C:\Windows\System32\wucltux.dll
2011-06-10 17:22:50 87552 ----a-w- C:\Windows\SysWow64\wudriver.dll
2011-06-10 17:22:49 98816 ----a-w- C:\Windows\System32\wudriver.dll
2011-06-10 17:22:14 36864 ----a-w- C:\Windows\System32\wuapp.exe
2011-06-10 17:22:14 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe
2011-06-10 17:22:14 185416 ----a-w- C:\Windows\System32\wuwebv.dll
2011-06-10 17:22:14 171608 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2011-06-10 17:20:39 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-06-10 17:20:28 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-06-10 17:01:10 -------- d--h--w- C:\ProgramData\Common Files
2011-06-10 16:57:11 -------- d-----w- C:\Users\Owner\AppData\Local\Mil Incorporated
2011-06-10 16:56:39 -------- d-----w- C:\Program Files (x86)\Mil Incorporated
2011-06-10 16:54:18 -------- d-----w- C:\ProgramData\MFAData
2011-06-10 15:51:49 -------- d-----w- C:\Users\Owner\AppData\Local\Deployment
2011-06-10 15:51:49 -------- d-----w- C:\Users\Owner\AppData\Local\Apps
2011-06-10 05:29:45 -------- d-----w- C:\Program Files (x86)\Jetico
2011-06-09 21:42:28 -------- d-----w- C:\Windows\SysWow64\Data
2011-05-30 16:21:28 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
.
==================== Find3M ====================
.
2011-06-03 06:51:14 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-06-03 06:51:14 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-03 06:43:28 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-05-29 13:11:30 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-29 13:11:20 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-05-18 13:24:12 2760704 ----a-w- C:\Windows\System32\win32k.sys
2011-05-13 10:02:51 58432 ----a-w- C:\Windows\System32\drivers\fsh.sys
2011-05-04 08:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-02 16:35:51 975360 ----a-w- C:\Windows\System32\inetcomm.dll
2011-05-02 15:58:28 738816 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-04-29 13:12:26 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 13:12:20 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-29 13:11:56 135168 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-04-29 13:11:55 274432 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-04-29 13:11:52 105984 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-04-21 15:29:00 1032704 ----a-w- C:\Windows\System32\wininet.dll
2011-04-21 15:24:26 86528 ----a-w- C:\Windows\System32\ieencode.dll
2011-04-21 14:57:48 78336 ----a-w- C:\Windows\SysWow64\ieencode.dll
2011-04-21 13:59:55 485376 ----a-w- C:\Windows\System32\html.iec
2011-04-21 13:42:48 407552 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-21 13:34:37 1383424 ----a-w- C:\Windows\System32\mshtml.tlb
2011-04-21 13:28:42 389632 ----a-w- C:\Windows\SysWow64\html.iec
2011-04-21 13:08:37 1383424 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-04-14 14:45:13 97792 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-04-09 22:55:44 15453336 ----a-w- C:\Windows\SysWow64\xlive.dll
2011-04-09 22:55:42 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
2010-07-19 19:33:11 925080 ----a-w- C:\Program Files (x86)\HyCam2.exe
2010-07-09 16:48:00 132608 ----a-w- C:\Program Files (x86)\CamRes2.dll
2010-04-26 20:18:02 44032 ----a-w- C:\Program Files (x86)\MClick2.dll
2010-04-26 20:05:41 78248 ----a-w- C:\Program Files (x86)\UnHyCam2.exe
.
============= FINISH: 16:10:13.89 ===============

killza 0 Light Poster · Answer 12 · 2011-06-24T02:35:56+00:00

this is the first scan i did:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/21/2011 at 03:27 AM

Application Version : 4.54.1000

Core Rules Database Version : 7295
Trace Rules Database Version: 5107

Scan type       : Complete Scan
Total Scan Time : 01:56:06

Memory items scanned      : 701
Memory threats detected   : 0
Registry items scanned    : 15485
Registry threats detected : 38
File items scanned        : 58095
File threats detected     : 416

Adware.HBHelper
    (x86) HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
    (x86) HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
    (x86) HKCR\URLSearchHook.ToolbarURLSearchHook.1
    (x86) HKCR\URLSearchHook.ToolbarURLSearchHook.1\CLSID
    (x86) HKCR\URLSearchHook.ToolbarURLSearchHook
    (x86) HKCR\URLSearchHook.ToolbarURLSearchHook\CLSID
    (x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    (x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
    (x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
    (x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
    (x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
    (x86) HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR
    C:\PROGRAM FILES (X86)\HYPERCAM TOOLBAR\TBHELPER.DLL

Adware.Tracking Cookie
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@ar.atwola[2].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@advertising[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@cdn.at.atwola[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@bellcan.adbureau[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@at.atwola[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@ar.atwola[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atwola[2].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@tacoda.at.atwola[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@doubleclick[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt.combing[2].txt
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pelmorexmedia.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bellcan.adbureau.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserver.twitpic.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ero-advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .traffichaus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .torstardigital.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .r1-ads.ace.advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yieldmanager.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .microsoftsto.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.dkelseymedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickbank.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lfstmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    wstat.wibiya.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    in.getclicky.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .toplist.cz [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eyewonder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eyewonder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adxpose.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .vitamine.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .vitamine.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mlbam.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .dmtracker.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.crakmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .analytics.rogersmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .rogersmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .[url]www.burstnet.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .nextag.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .nextag.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .247realmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .saxowesterncommunications.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .overture.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .msnportal.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickaider.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .apmebf.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trackalyzer.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    t4.trackalyzer.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eset.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksport.com.au [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksport.com.au [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksport.com.au [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.clicksport.com.au[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.clicksport.com.au[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksport.com.au [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    gr.burstnet.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    gotacha.rotator.hadj7.adjuggler.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    gotacha.rotator.hadj7.adjuggler.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    gotacha.rotator.hadj7.adjuggler.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    gotacha.rotator.hadj7.adjuggler.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickfuse.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .xm.xtendmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.dougallmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .s.clickability.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .chicagosuntimes.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.traffichaus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .msnbc.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.star-advertising.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.star-advertising.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.star-advertising.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.star-advertising.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.star-advertising.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.star-advertising.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.traffichaus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserver2.exgfnetwork.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .exoclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.crakmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adxpansion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    pornografish.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .educationcom.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atlanticmedia.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.zeusclicks.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.trafficjunky.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .doubleclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.perthshireadvertiser.co.uk[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .perthshireadvertiser.co.uk [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trinitymirror.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .xiti.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .overture.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    pluckit.demandmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    com.diversitymediaservices.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    citi.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    citi.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    citi.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    citi.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .webstat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .webstat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .webstat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .teenburg.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .teenburg.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .teenburg.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .chitika.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mm.chitika.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .associatedcontent.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lfstmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eaeacom.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediabrandsww.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    rbc.bridgetrack.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .doubleclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yadro.ru [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yadro.ru [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    dc.tremormedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    s03.flagcounter.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .s.clickability.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ihg.db.advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .vitamine.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adcentriconline.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserver.valwa.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kantarmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kantarmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    eas.apm.emediate.eu [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    eas.apm.emediate.eu [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    eas.apm.emediate.eu [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    vitamine.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    vitamine.networldmedia.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pro-market.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.burstnet.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.ignitesocialmedia.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ignitesocialmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ignitesocialmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ignitesocialmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ignitesocialmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.ignitesocialmedia.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .statcounter.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .examinercom.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .c.gigcount.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    statse.webtrendslive.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ar.atwola.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adsatt.espn.go.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    akamai.smartadserver.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    bc.youporn.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    cdn1.static.pornhub.phncdn.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    cdn2.invitemedia.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    cdn2.themis-media.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    cdn5.specificclick.net [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    cloud.video.unrulymedia.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    cloudfront.mediamatters.org [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    content.oddcast.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    content.yieldmanager.edgesuite.net [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    convoad.technoratimedia.net [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    core.insightexpressai.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    i.adultswim.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    ia.media-imdb.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.azfamily.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.ign.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.kyte.tv [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.lintvnews.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.mtvnservices.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.nbcdfw.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.onsugar.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media.wfaa.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media01.kyte.tv [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media1.break.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    media1.clubpenguin.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    msnbcmedia.msn.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    naiadsystems.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    objects.tremormedia.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    richmedia247.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    s0.2mdn.net [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    secure-us.imrworldwide.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    serving-sys.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    sex.chatroulette.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    stat.easydate.biz [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    static.xxxmatch.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    streamlivesex.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    tracksimple.s3.amazonaws.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    vidii.hardsextube.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    vitamine.networldmedia.net [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.77tracking.com[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.alphaporno.com[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.bannerconnect.net[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.media.gov.on.ca[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.naiadsystems.com[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.pornhub.com[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.soundclick.com[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.stayteen.org[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    [url]www.unmultimedia.org[/url] [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]
    wwwstatic.megaporn.com [ C:\Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2MKABN5J ]

Browser Hijacker.Deskbar
    (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
    (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
    (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
    (x86) HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Adware.Zango/ShoppingReport
    (x86) HKCR\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}
    (x86) HKCR\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}\ProxyStubClsid
    (x86) HKCR\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}\ProxyStubClsid32
    (x86) HKCR\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}\TypeLib
    (x86) HKCR\Interface\{618AAD04-921F-44C2-BE38-C0818AF69861}\TypeLib#Version
    (x86) HKCR\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}
    (x86) HKCR\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}\ProxyStubClsid
    (x86) HKCR\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}\ProxyStubClsid32
    (x86) HKCR\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}\TypeLib
    (x86) HKCR\Interface\{B5D2ED96-62F9-4C2C-956D-E425B1F67337}\TypeLib#Version
    (x86) HKCR\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}
    (x86) HKCR\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}\ProxyStubClsid
    (x86) HKCR\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}\ProxyStubClsid32
    (x86) HKCR\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}\TypeLib
    (x86) HKCR\Interface\{D3A412E8-1E4B-47D2-9B12-F88291F5AFBB}\TypeLib#Version

Trojan.Agent/Gen-FakeDrop
    C:\MUSIC\I-DOSER DRG\I-DOSER\UNINSTAL.EXE
    C:\WORK\OTHERS\I-DOSER\UNINSTAL.EXE



this is the second scan i did:

SUPERAntiSpyware Scan Log
[url]http://www.superantispyware.com[/url]

Generated 06/22/2011 at 04:22 AM

Application Version : 4.54.1000

Core Rules Database Version : 7295
Trace Rules Database Version: 5107

Scan type       : Complete Scan
Total Scan Time : 01:53:53

Memory items scanned      : 680
Memory threats detected   : 0
Registry items scanned    : 15493
Registry threats detected : 0
File items scanned        : 58001
File threats detected     : 118

Adware.Tracking Cookie
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@microsoftwllivemkt.112.2o7[1].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt[2].txt
    C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt.combing[2].txt
    .adtech.de [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .msnportal.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickaider.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trackalyzer.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    t4.trackalyzer.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eset.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stayteen.org [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stayteen.org [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stayteen.org [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stayteen.org [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stayteen.org [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .exoclick.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.traffichaus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.crakmedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .banners.sexfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    pornografish.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adxpansion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bs.serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .apmebf.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    [url]www.whistlerquestion.com[/url] [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .whistlerquestion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .whistlerquestion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .whistlerquestion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .whistlerquestion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .torstardigital.122.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mlbam.112.2o7.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bellcan.adbureau.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .r1-ads.ace.advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yieldmanager.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .doubleclick.net [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies ]

killza 0 Light Poster · Answer 13 · 2011-06-24T02:49:47+00:00

killza 0 Light Poster

13 Years Ago

done. is my computer hijacked already?

jholland1964 650 Posting Expert Team Colleague Featured Poster · Answer 14 · 2011-06-24T08:40:23+00:00

jholland1964 650 Posting Expert

13 Years Ago

Where is the new SAS scan with the updated program?

killza 0 Light Poster · Answer 15 · 2011-06-25T01:09:49+00:00

I updated SAS right before I did the scan yesterday.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/24/2011 at 01:44 AM

Application Version : 4.54.1000

Core Rules Database Version : 7320
Trace Rules Database Version: 5132

Scan type : Complete Scan
Total Scan Time : 02:00:02

Memory items scanned : 697
Memory threats detected : 0
Registry items scanned : 15504
Registry threats detected : 0
File items scanned : 57867
File threats detected : 2

Adware.Tracking Cookie
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt[2].txt
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\owner@atdmt.combing[2].txt

jholland1964 650 Posting Expert Team Colleague Featured Poster · Answer 16 · 2011-06-25T01:23:08+00:00

You are still showing tracking cookies being found. You need to change your browser settings on all of your browsers to block all 3rd party cookies which include tracking cookies.

Now you said the chrome browser had been renamed. That isn't showing in the logs.
Look at my attachments do you mean that where google normally shows, as in my first attachment that it now shows "what what" similar my second attachment? I don't have the chrome browser so I just had to create these from web pictures so they may not be what you are talking about. If you can could you post a print screen to make it clearer?

gerbil 216 Industrious Poster · Answer 17 · 2011-06-25T19:16:04+00:00

Isn't this new "Google paradigm" sweet? You are now actually able to clock up some sleep, Jude.

jholland1964 650 Posting Expert Team Colleague Featured Poster · Answer 18 · 2011-06-25T20:07:42+00:00

Isn't this new "Google paradigm" sweet? You are now actually able to clock up some sleep, Jude.

What what??:D

killza 0 Light Poster · Answer 19 · 2011-07-01T10:22:30+00:00

So I reinstalled my OS (windows Vista) today and this was the problem I was talking about http://imgur.com/vW19S

jholland1964 650 Posting Expert Team Colleague Featured Poster · Answer 20 · 2011-07-01T10:39:25+00:00

Sorry, like I told you I don't use Chrome so somebody who does will have to answer that. Have you tried renaming it?

the.avon.lady1 0 Newbie Poster · Answer 21 · 2011-07-02T23:47:36+00:00

I am new here and have a question and not sure where to post it. I found this because I was doing a serch for "AppData/Roming/Microsoft/Windows can't get rid of this tracking cookie what do I do?" I am in a dilemma and don't know what to do. I am not very computer savy. I need to say that up front, now here is my story. I have a new Dell computer only a few months old. I have McAfee and Super Anti- Spyware installed. My computer was makeing a clicking noise so I called customer support for Dell. The tec got on my computer via online and did some checks then said I had spyware and wanted to charge me $199.99 then said he would give me a deal for half. I am on a tight budget and paying off the computer so just can't afford it. So called Mcafee which said no spyware. However, when I run the Super Anti-Spyware it keeps showing the above listed tracking cookies. It prompts me to reboot to get rid of it but they won't go away. So I don't know if I have spyware or not but am afraid to do nothing. Somebody please advise because I don't know what to do! Thanks in advance for any help!!

jholland1964 650 Posting Expert Team Colleague Featured Poster · Answer 22 · 2011-07-03T00:15:52+00:00

the.avon.lady1, this is another person's thread and you shouldn't post your problems in anothers. Too confusing for one thing and also unfair to the original thread creator.

Go to the top of the front page and click Start a new thread, as shown in my attachment. Then name and create your own thread. State all of your problems and somebody will be most happy to assist.