Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Need help with possible virus

(In Progress)
(!)

ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
24-Jun-2012, 08:20 PM #1
Need help with possible virus
The computer is playing various advertising commercials while browsing on the web. I think I am being redirected to other websites as well.

I have disconnected the infected PC from my network and I have completed the following logs. I have also have run malware bytes in safe-mode but the results came back with no infected files.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:47:43 PM, on 6/24/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [EPSON Stylus CX9400Fax Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFA.EXE /FU "C:\Windows\TEMP\E_S2E8E.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11404 bytes



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by LTatum at 19:49:19 on 2012-06-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2704 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [EPSON Stylus CX9400Fax Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFA.EXE /FU "C:\Windows\TEMP\E_S2E8E.tmp" /EF "HKCU"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [<NO NAME>]
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\LTatum\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6D799951-6725-458A-A13A-71550E12849B} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [(Default)]
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2010-1-11 155648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-5 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-12-22 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-12-22 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 257224]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-5 1692480]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-24 23:05:14 388096 ----a-r- C:\Users\LTatum\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-24 23:05:13 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-06-24 19:28:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-22 20:01:09 -------- d-----w- C:\Program Files (x86)\Nmap
2012-06-22 20:01:08 -------- d-----w- C:\ProgramData\XDMessaging
2012-06-22 20:00:59 -------- d-----w- C:\Program Files (x86)\iYogi
2012-06-22 19:56:33 -------- d-----w- C:\Program Files (x86)\PC Optimizer Renewal
2012-06-22 12:27:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{375150A6-E68B-4095-8B8E-C76034D7CA2D}
2012-06-22 12:27:04 -------- d-----w- C:\Users\LTatum\AppData\Local\{46BE565E-40D6-4DC0-8A75-A4DD4D7F2928}
2012-06-22 06:15:45 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 06:15:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 06:15:26 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 06:15:26 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-22 00:37:30 -------- d-----w- C:\Windows\pss
2012-06-21 23:37:53 -------- dc-h--w- C:\ProgramData\{CBCE2F73-24E4-481F-84B2-1A5EB720D187}
2012-06-21 23:37:05 -------- d-----w- C:\Users\LTatum\AppData\Local\PackageAware
2012-06-21 22:07:57 -------- d-----w- C:\APCT
2012-06-21 22:07:44 -------- d-----w- C:\Users\LTatum\AppData\Roaming\iYogi
2012-06-21 22:03:31 77312 ----a-w- C:\Windows\SysWow64\ztvunace26.dll
2012-06-21 22:03:31 75264 ----a-w- C:\Windows\SysWow64\unacev2.dll
2012-06-21 22:03:31 69632 ----a-w- C:\Windows\SysWow64\ztvcabinet.dll
2012-06-21 22:03:31 162304 ----a-w- C:\Windows\SysWow64\ztvunrar36.dll
2012-06-21 22:03:31 153088 ----a-w- C:\Windows\SysWow64\UNRAR3.dll
2012-06-21 22:03:30 -------- d-----w- C:\ProgramData\Simply Super Software
2012-06-21 22:03:30 -------- d-----w- C:\Program Files (x86)\Trojan Remover
2012-06-21 22:01:51 279317322 ----a-w- C:\backup.reg
2012-06-21 20:52:38 -------- d-----w- C:\Users\LTatum\AppData\Roaming\QuickScan
2012-06-21 20:51:58 -------- d-----w- C:\ProgramData\SmartPCScan
2012-06-21 20:48:05 -------- d-----w- C:\Users\LTatum\AppData\Roaming\Malwarebytes
2012-06-21 20:47:54 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-21 20:42:41 -------- d-----w- C:\Program Files (x86)\iYogi Support Dock
2012-06-21 15:49:55 -------- d-----w- C:\Users\LTatum\AppData\Local\{C0F7B890-3548-4A26-9CE2-5367DF41320C}
2012-06-21 15:49:45 -------- d-----w- C:\Users\LTatum\AppData\Local\{344AE900-3109-4B43-9021-5137C7DC8026}
2012-06-21 15:45:42 -------- d-----w- C:\Windows\en
2012-06-21 15:43:27 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-21 15:40:29 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\DXSETUP.exe
2012-06-21 15:40:29 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\dsetup32.dll
2012-06-21 15:40:29 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2fb53ff81cd4fc407\MeshBetaRemover.exe
2012-06-21 15:40:28 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\DSETUP.dll
2012-06-21 15:40:23 -------- d-----w- C:\Users\LTatum\AppData\Local\{7613BE45-5167-4D6D-8465-3D2DC8C87F0B}
2012-06-21 15:39:47 -------- d-----w- C:\Users\LTatum\AppData\Local\{69DB9448-5722-4430-98CF-3824E84FD0BC}
2012-06-21 15:39:36 -------- d-----w- C:\Users\LTatum\AppData\Local\{256CF503-EA63-4490-96FC-4C34FEC2F828}
2012-06-19 20:59:30 -------- d-----w- C:\Users\LTatum\AppData\Local\{CDF3701A-B43D-4491-9607-8913FF34BF57}
2012-06-19 20:59:14 -------- d-----w- C:\Users\LTatum\AppData\Local\{A7898F41-25D1-4F03-80DE-5AAD645A5474}
2012-06-18 12:03:12 -------- d-----w- C:\Users\LTatum\AppData\Local\{5D089F18-C2DD-4149-B937-60063D653EE6}
2012-06-17 19:06:31 -------- d-----w- C:\Users\LTatum\AppData\Local\{32FF978D-99D9-4167-87C8-0641E375CA9D}
2012-06-16 12:35:42 -------- d-----w- C:\Users\LTatum\AppData\Local\{6577763D-8202-491A-9A0B-EA711027379E}
2012-06-16 00:31:53 -------- d-----w- C:\Users\LTatum\AppData\Local\{2F2A4189-ED9C-4474-AB82-3DE3689EDFA5}
2012-06-13 14:36:06 -------- d-----w- C:\Users\LTatum\AppData\Local\{DF1D5D66-3369-4446-8DC7-8BC8D024B3E9}
2012-06-13 14:35:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{917F9E9F-994D-48C1-AFE4-D9B8E703C5CF}
2012-06-13 14:17:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{CEC0AAE8-3CAC-4C6C-A9DB-9AFFE4B4F405}
2012-06-13 14:17:05 -------- d-----w- C:\Users\LTatum\AppData\Local\{56841181-5AA1-4C0E-9692-5C0BDEC4F0AA}
2012-06-13 13:48:10 -------- d-----w- C:\Users\LTatum\AppData\Local\{F9AE8D07-A034-4D89-AC2B-033A61BF92E6}
2012-06-13 13:47:59 -------- d-----w- C:\Users\LTatum\AppData\Local\{CF1B6FD9-C9C2-4486-AE8C-6DA4013E4C51}
2012-06-13 05:47:02 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 05:47:02 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 05:47:01 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-13 05:46:06 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-13 05:45:41 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-13 05:45:39 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-13 05:45:39 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-13 05:45:10 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-13 05:44:42 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-13 05:44:15 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-13 05:44:14 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-13 05:44:08 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 05:44:07 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 05:44:07 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 05:44:07 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 05:44:06 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 05:44:05 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-13 00:51:51 -------- d-----w- C:\Users\LTatum\AppData\Local\{6E1B2684-9ECA-4F49-86B1-F3378BCC0FC9}
2012-06-13 00:51:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{4B3ACDA6-D2C6-49B0-BE72-BFCAE96073C9}
2012-06-12 15:17:24 -------- d-----w- C:\Users\LTatum\AppData\Local\{5309EA47-A33F-48CE-BFCB-DCF8C1034FF0}
2012-06-12 15:17:14 -------- d-----w- C:\Users\LTatum\AppData\Local\{D5E204C7-3BFA-4643-8FD1-171F989D1B88}
2012-06-08 16:42:19 -------- d-----w- C:\Users\LTatum\AppData\Local\{ED13C14F-ECB4-4D67-9726-EB7BFA4527B9}
2012-06-08 16:42:09 -------- d-----w- C:\Users\LTatum\AppData\Local\{02546748-BAE7-4D78-82D3-BFCCB1204448}
2012-06-08 14:30:36 -------- d-----w- C:\Users\LTatum\AppData\Local\{9D28A1FA-EF93-4352-BAD4-0A53A4D8C156}
2012-06-08 14:30:25 -------- d-----w- C:\Users\LTatum\AppData\Local\{E99D1455-0C64-40B5-A28C-484569F8A1A8}
2012-06-08 13:43:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{94C87087-3D77-4A5D-8F3F-3114E2FE429E}
2012-06-08 13:43:45 -------- d-----w- C:\Users\LTatum\AppData\Local\{91691764-AE89-41AB-9679-5922E76A2F3F}
2012-06-07 15:23:38 -------- d-----w- C:\Users\LTatum\AppData\Local\{6FB2DE62-FDCC-43C4-A61A-F3BA558090AA}
2012-06-07 15:23:28 -------- d-----w- C:\Users\LTatum\AppData\Local\{3083B39A-47D1-4D83-8F7B-1E7A5B310EC9}
2012-06-06 23:58:04 -------- d-----w- C:\Users\LTatum\AppData\Local\{898726AA-7BBC-4B04-A1BC-A20452D84CD3}
2012-06-06 23:57:53 -------- d-----w- C:\Users\LTatum\AppData\Local\{413A3C3C-6D41-4087-A82A-2F29097DC5CC}
2012-06-06 17:55:13 -------- d-----w- C:\Users\LTatum\AppData\Local\{EA51FBC4-92C3-4E76-8904-50D60429C77D}
2012-06-06 17:55:03 -------- d-----w- C:\Users\LTatum\AppData\Local\{7875012D-5F8C-4F9B-9665-298834027618}
2012-06-06 16:33:37 -------- d-----w- C:\Users\LTatum\AppData\Local\{7D821715-00FC-4DCF-ABAF-8B2CF47CD599}
2012-06-06 16:33:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{B2C6D438-2F64-49EC-ACB3-315CDD852328}
2012-06-05 20:56:52 -------- d-----w- C:\Users\LTatum\AppData\Local\{7018B8BF-3730-49B2-A233-B4135CECB035}
2012-06-05 20:56:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{2F621097-2ED9-42EF-B6D8-F3A93F586DF0}
2012-06-05 19:32:37 -------- d-----w- C:\Users\LTatum\AppData\Local\{0D893943-3D79-4E73-AB91-EB00A505B756}
2012-06-05 19:32:27 -------- d-----w- C:\Users\LTatum\AppData\Local\{17430069-E073-4C8E-AEE8-D7F5DCCB359E}
2012-06-05 14:50:58 -------- d-----w- C:\Users\LTatum\AppData\Local\{8775437E-D3C7-41FE-A953-9157F35ED394}
2012-06-05 14:50:48 -------- d-----w- C:\Users\LTatum\AppData\Local\{B0A6C8F7-0BA2-40CF-8BB9-8063365AAA4B}
2012-06-04 16:50:13 -------- d-----w- C:\Users\LTatum\AppData\Local\{A12181EE-ADF8-4337-91F8-559C2EF317A9}
2012-06-04 16:50:03 -------- d-----w- C:\Users\LTatum\AppData\Local\{43AD9825-FAAC-48A0-B124-BDF88CFFB810}
2012-06-03 15:59:12 -------- d-----w- C:\Users\LTatum\AppData\Local\{F01EAA39-F10E-455B-A4AD-1E4D738A935B}
2012-06-03 15:59:02 -------- d-----w- C:\Users\LTatum\AppData\Local\{287B2615-5B31-4060-A5AA-9AFB373FD312}
2012-06-02 19:00:59 -------- d-----w- C:\Users\LTatum\AppData\Local\{94FA9A36-2268-4D52-961E-184FFD84AA0C}
2012-06-02 19:00:48 -------- d-----w- C:\Users\LTatum\AppData\Local\{7B9B1439-F8C7-4096-97DA-C893C7377881}
2012-06-02 15:58:34 -------- d-----w- C:\Users\LTatum\AppData\Local\{D4717EB2-1CBE-4565-91AB-BAC6C9266B01}
2012-06-02 15:58:24 -------- d-----w- C:\Users\LTatum\AppData\Local\{D4EA7C96-9D88-42B6-95B1-1FF2A5B4EE81}
2012-06-02 14:50:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{E2690EBC-6E5E-4438-A278-1A42EDCA4E91}
2012-06-02 14:50:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{103B7F68-D9D8-4EE0-A6D2-1CE326655439}
2012-06-02 14:46:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{FB930BFF-54E9-4DFC-A561-C98B11607176}
2012-05-30 16:02:00 -------- d-----w- C:\Users\LTatum\AppData\Local\{CA81264B-220C-4495-9763-046EAF0E3A45}
2012-05-30 16:01:50 -------- d-----w- C:\Users\LTatum\AppData\Local\{B026E788-17D4-4EEB-B111-6E61602CF37F}
2012-05-29 20:45:06 -------- d-----w- C:\Users\LTatum\AppData\Local\{E59A831A-5FAF-4B8F-993F-8E78630E449D}
2012-05-29 20:44:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{C70E95BB-B463-4760-BE37-B60B021C0832}
2012-05-29 20:11:09 -------- d-----w- C:\Users\LTatum\AppData\Local\{93A28B5B-EE7C-4CA7-B300-A0383AB39625}
2012-05-29 20:10:58 -------- d-----w- C:\Users\LTatum\AppData\Local\{06FE38CA-0A98-412E-8FD5-BE5CF961065F}
2012-05-29 18:27:10 -------- d-----w- C:\Users\LTatum\AppData\Local\{81E5F753-2843-4CB3-BFD1-68BF59FBE13D}
2012-05-29 18:27:00 -------- d-----w- C:\Users\LTatum\AppData\Local\{7812D4F9-81C0-461D-9F8A-4D131084CBB4}
2012-05-29 13:46:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{ABB11B6B-EB48-46D1-872E-A8FA88E6826D}
2012-05-29 13:46:31 -------- d-----w- C:\Users\LTatum\AppData\Local\{594E7DBB-015F-4B92-81B8-F2E023105EE8}
2012-05-28 13:25:00 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
.
==================== Find3M ====================
.
2012-06-13 13:08:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 13:08:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-05 08:54:10 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-28 21:37:39 102248 ----a-w- C:\Users\LTatum\GoToAssistDownloadHelper.exe
.
============= FINISH: 19:57:50.96 ===============


ark.txt was blank
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
26-Jun-2012, 11:12 AM #2
bump
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
28-Jun-2012, 07:52 AM #3
bump
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 11:09 AM #4
Download and save and then install the free version of

SUPERAntiSpyware 5.5.0.1006

Make sure to update its definition files during the install process.

Make sure to uncheck and decline to install any extras, such as toolbars and homepages, it may offer.

After it's installed and updated, restart the computer.

Start it, then run a quick scan.

When the scan is finished, select and remove EVERYTHING it found.

Restart the computer, if prompted to, so the removal process can finish.

----------------------------------------------------------------
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 11:12 AM #5
Go to Control Panel - Programs And Features, then uninstall

Ask Toolbar

Bing Bar


-----------------------------------------------------------
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
28-Jun-2012, 01:50 PM #6
Thank you
I have completed all three tasks.. Shall I do anything else?

The program removed numerous threats
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 03:38 PM #7
I'm going to assume that you selected and removed EVERYTHING that was found.

Start SUPERAntiSpyware.

Click "View Scan Logs".

Highlight the most current scan log entry, then click "View Selected Log".

When the scan log appears in Notepad, copy-and-paste it here.

--------------------------------------------------

Are you still receiving the commercial ads?

--------------------------------------------------
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 03:40 PM #8
Java(TM) 6 Update 30 needs to be updated to Java SE Runtime Environment 6 Update 33
("Windows x64" 16.41 MB file)

The new version will replace the old version, so there's no need to uninstall the old version first.

-----------------------------------------------

Skype 4.2 is very outdated.

If you're no longer using it, uninstall it.

-----------------------------------------------
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
28-Jun-2012, 03:43 PM #9
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/28/2012 at 01:26 PM

Application Version : 5.5.1006

Core Rules Database Version : 8813
Trace Rules Database Version: 6625

Scan type : Quick Scan
Total Scan Time : 00:05:59

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 334
Memory threats detected : 0
Registry items scanned : 27070
Registry threats detected : 0
File items scanned : 13450
File threats detected : 169

Adware.Tracking Cookie
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\F1XBUYYU.txt [ /yieldmanager.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OIVS52KS.txt [ /questionmarket.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4EIPB6C8.txt [ /ads.pointroll.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\QI0EVYX2.txt [ /ru4.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\A1SUMGZC.txt [ /www.burstnet.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\FWDWNNZK.txt [ /ad-vice.biz ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MFDDVB0N.txt [ /bs.serving-sys.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MZODDPP2.txt [ /zedo.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\XPUMW90P.txt [ /collective-media.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\A19K20JC.txt [ /fastclick.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\3NM822VD.txt [ /advertising.ezanga.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\35FO57Y0.txt [ /pointroll.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\614Q72GG.txt [ /ads.blogtalkradio.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\R3IM1ZWC.txt [ /ad.yieldmanager.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JKWM32YV.txt [ /imrworldwide.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\NCYWDYB0.txt [ /ads.pubmatic.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JJZ00T5Y.txt [ /adfarm1.adition.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\W5G361LK.txt [ /mediaplex.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\KPMN4REK.txt [ /ad.360yield.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5MJ0J8EX.txt [ /ads.doubleagent.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6ZYT74G5.txt [ /msnportal.112.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\GXA06P6T.txt [ /ox-d.fondnessmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\G7KFGWRE.txt [ /adxpose.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5KLELXHW.txt [ /dc.tremormedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HIMOIJWC.txt [ /ads.adk2.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\89ZQCQZ0.txt [ /amazon-adsystem.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\EO54926E.txt [ /ads.footar.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V9HQT75A.txt [ /solvemedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6S4DY61B.txt [ /media6degrees.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\D4SVBJOW.txt [ /adnetwork.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\WSIZG7WS.txt [ /in.getclicky.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\H6IY1C6C.txt [ /legolas-media.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5BMKTPSZ.txt [ /adserver.adtechus.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TEFTJ7R9.txt [ /drivingaroundthetrack.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6NYC4B6B.txt [ /adbrite.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\45RI41T8.txt [ /lucidmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JYTGXVYA.txt [ /ad2.adfarm1.adition.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JKVUVOTE.txt [ /interclick.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\51LKABKG.txt [ /ads.saymedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HKLG05C6.txt [ /advertising.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OEWM1I3J.txt [ /media.adfrontiers.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V62ZVDHV.txt [ /find-great.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UR5U1W2F.txt [ /doubleclick.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OCNMZHN6.txt [ /geconsumerfinance.112.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\AG62DPMI.txt [ /revsci.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HVD7XA7K.txt [ /pro-market.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\FC1ZPIG1.txt [ /accountonline.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\NHTZU6R8.txt [ /intermundomedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3ZXINCW.txt [ /mediaservices-d.openxenterprise.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\DWP04XIX.txt [ /liveperson.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\7FTWOPMF.txt [ /casalemedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3GRRRQF.txt [ /www.hrsaccount.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JIJ0IMKO.txt [ /ads.gamersmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TMM8DYDC.txt [ /alliancedata.122.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JIVS46Y3.txt [ /1sadx.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TWJ47UO6.txt [ /247realmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\8P3DG6I8.txt [ /realmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BCIXBL06.txt [ /ads.ookla.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BS1T0THL.txt [ /server.iad.liveperson.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\Z61A853A.txt [ /xml.trafficengine.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I344Z7FD.txt [ /stat.onestat.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HOGU1G99.txt [ /mm.chitika.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\Y7S82KMI.txt [ /myroitracking.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V67RZUJ5.txt [ /atdmt.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\3GMCV19K.txt [ /at.atwola.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BEMLAIDP.txt [ /liveperson.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\T15IVIRX.txt [ /ads.undertone.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\8ADL2U7M.txt [ /serving-sys.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\17ATWVF6.txt [ /ad.wsod.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MSBHZJ0M.txt [ /trafficmp.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TJCRLOJ7.txt [ /journalregistercompany.122.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\62FVPX1W.txt [ /tribalfusion.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\ZBSHYWPK.txt [ /counter.hitslink.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5X6LM67L.txt [ /apmebf.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\VR046W81.txt [ /openx.overadmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\P10ABNAZ.txt [ /specificclick.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TDY9CZ6A.txt [ /network.realmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\P6QJEAP3.txt [ /citi.bridgetrack.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UZWNM8JN.txt [ /burstnet.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\D7E80J08.txt [ /ads.intergi.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3GA3PEB.txt [ /invitemedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4N7YG466.txt [ /insightexpressai.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JWGTCHRP.txt [ /clicksor.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4TQQYAPP.txt [ /enhance.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\YAJ8V6J5.txt [ /gamersmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\SQ2M1QAJ.txt [ /adtech.de ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\CVLF48GL.txt [ /ad.allvoices.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\04GVXPB8.txt [ /www.burstbeacon.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\RNK66DZU.txt [ /seeclickfix.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\AO6EB6KI.txt [ /ads.us.e-planning.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\ZVDG5TB3.txt [ /eyeviewads.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HFY7ZM0Z.txt [ /burstbeacon.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\M115B8CC.txt [ /stats.townnews.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UQRD28O2.txt [ /statcounter.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\L1T7KAEB.txt [ /click4college.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\0B8WIO5H.txt [ /t.pointroll.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6C4VDYI4.txt [ /xiti.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\RUK8Q991.txt [ /kontera.com ]
C:\USERS\LTATUM\AppData\Roaming\Microsoft\Windows\Cookies\RU2Z0T5H.txt [ Cookie:ltatum@adsonar.com/adserving ]
C:\USERS\LTATUM\Cookies\F1XBUYYU.txt [ Cookie:ltatum@yieldmanager.net/ ]
C:\USERS\LTATUM\Cookies\OIVS52KS.txt [ Cookie:ltatum@questionmarket.com/ ]
C:\USERS\LTATUM\Cookies\4EIPB6C8.txt [ Cookie:ltatum@ads.pointroll.com/ ]
C:\USERS\LTATUM\Cookies\MFDDVB0N.txt [ Cookie:ltatum@bs.serving-sys.com/ ]
C:\USERS\LTATUM\Cookies\MZODDPP2.txt [ Cookie:ltatum@zedo.com/ ]
C:\USERS\LTATUM\Cookies\XPUMW90P.txt [ Cookie:ltatum@collective-media.net/ ]
C:\USERS\LTATUM\Cookies\3NM822VD.txt [ Cookie:ltatum@advertising.ezanga.com/ ]
C:\USERS\LTATUM\Cookies\35FO57Y0.txt [ Cookie:ltatum@pointroll.com/ ]
C:\USERS\LTATUM\Cookies\R3IM1ZWC.txt [ Cookie:ltatum@ad.yieldmanager.com/ ]
C:\USERS\LTATUM\Cookies\JKWM32YV.txt [ Cookie:ltatum@imrworldwide.com/cgi-bin ]
C:\USERS\LTATUM\Cookies\RU2Z0T5H.txt [ Cookie:ltatum@adsonar.com/adserving ]
C:\USERS\LTATUM\Cookies\W5G361LK.txt [ Cookie:ltatum@mediaplex.com/ ]
C:\USERS\LTATUM\Cookies\6ZYT74G5.txt [ Cookie:ltatum@msnportal.112.2o7.net/ ]
C:\USERS\LTATUM\Cookies\GXA06P6T.txt [ Cookie:ltatum@ox-d.fondnessmedia.com/ ]
C:\USERS\LTATUM\Cookies\G7KFGWRE.txt [ Cookie:ltatum@adxpose.com/ ]
C:\USERS\LTATUM\Cookies\5KLELXHW.txt [ Cookie:ltatum@dc.tremormedia.com/ ]
C:\USERS\LTATUM\Cookies\V9HQT75A.txt [ Cookie:ltatum@solvemedia.com/ ]
C:\USERS\LTATUM\Cookies\6S4DY61B.txt [ Cookie:ltatum@media6degrees.com/ ]
C:\USERS\LTATUM\Cookies\D4SVBJOW.txt [ Cookie:ltatum@adnetwork.net/ ]
C:\USERS\LTATUM\Cookies\WSIZG7WS.txt [ Cookie:ltatum@in.getclicky.com/ ]
C:\USERS\LTATUM\Cookies\5BMKTPSZ.txt [ Cookie:ltatum@adserver.adtechus.com/ ]
C:\USERS\LTATUM\Cookies\6NYC4B6B.txt [ Cookie:ltatum@adbrite.com/ ]
C:\USERS\LTATUM\Cookies\JYTGXVYA.txt [ Cookie:ltatum@ad2.adfarm1.adition.com/ ]
C:\USERS\LTATUM\Cookies\JKVUVOTE.txt [ Cookie:ltatum@interclick.com/ ]
C:\USERS\LTATUM\Cookies\51LKABKG.txt [ Cookie:ltatum@ads.saymedia.com/ ]
C:\USERS\LTATUM\Cookies\HKLG05C6.txt [ Cookie:ltatum@advertising.com/ ]
C:\USERS\LTATUM\Cookies\OEWM1I3J.txt [ Cookie:ltatum@media.adfrontiers.com/ ]
C:\USERS\LTATUM\Cookies\OCNMZHN6.txt [ Cookie:ltatum@geconsumerfinance.112.2o7.net/ ]
C:\USERS\LTATUM\Cookies\AG62DPMI.txt [ Cookie:ltatum@revsci.net/ ]
C:\USERS\LTATUM\Cookies\FC1ZPIG1.txt [ Cookie:ltatum@accountonline.com/ ]
C:\USERS\LTATUM\Cookies\NHTZU6R8.txt [ Cookie:ltatum@intermundomedia.com/ ]
C:\USERS\LTATUM\Cookies\I3ZXINCW.txt [ Cookie:ltatum@mediaservices-d.openxenterprise.com/ ]
C:\USERS\LTATUM\Cookies\7FTWOPMF.txt [ Cookie:ltatum@casalemedia.com/ ]
C:\USERS\LTATUM\Cookies\I3GRRRQF.txt [ Cookie:ltatum@www.hrsaccount.com/ ]
C:\USERS\LTATUM\Cookies\JIJ0IMKO.txt [ Cookie:ltatum@ads.gamersmedia.com/ ]
C:\USERS\LTATUM\Cookies\TMM8DYDC.txt [ Cookie:ltatum@alliancedata.122.2o7.net/ ]
C:\USERS\LTATUM\Cookies\JIVS46Y3.txt [ Cookie:ltatum@1sadx.net/ ]
C:\USERS\LTATUM\Cookies\TWJ47UO6.txt [ Cookie:ltatum@247realmedia.com/ ]
C:\USERS\LTATUM\Cookies\8P3DG6I8.txt [ Cookie:ltatum@realmedia.com/ ]
C:\USERS\LTATUM\Cookies\BS1T0THL.txt [ Cookie:ltatum@server.iad.liveperson.net/ ]
C:\USERS\LTATUM\Cookies\Z61A853A.txt [ Cookie:ltatum@xml.trafficengine.net/ ]
C:\USERS\LTATUM\Cookies\I344Z7FD.txt [ Cookie:ltatum@stat.onestat.com/ ]
C:\USERS\LTATUM\Cookies\HOGU1G99.txt [ Cookie:ltatum@mm.chitika.net/ ]
C:\USERS\LTATUM\Cookies\Y7S82KMI.txt [ Cookie:ltatum@myroitracking.com/ ]
C:\USERS\LTATUM\Cookies\V67RZUJ5.txt [ Cookie:ltatum@atdmt.com/ ]
C:\USERS\LTATUM\Cookies\3GMCV19K.txt [ Cookie:ltatum@at.atwola.com/ ]
C:\USERS\LTATUM\Cookies\MSBHZJ0M.txt [ Cookie:ltatum@trafficmp.com/ ]
C:\USERS\LTATUM\Cookies\TJCRLOJ7.txt [ Cookie:ltatum@journalregistercompany.122.2o7.net/ ]
C:\USERS\LTATUM\Cookies\5X6LM67L.txt [ Cookie:ltatum@apmebf.com/ ]
C:\USERS\LTATUM\Cookies\VR046W81.txt [ Cookie:ltatum@openx.overadmedia.com/ ]
C:\USERS\LTATUM\Cookies\P10ABNAZ.txt [ Cookie:ltatum@specificclick.net/ ]
C:\USERS\LTATUM\Cookies\TDY9CZ6A.txt [ Cookie:ltatum@network.realmedia.com/ ]
C:\USERS\LTATUM\Cookies\P6QJEAP3.txt [ Cookie:ltatum@citi.bridgetrack.com/ ]
C:\USERS\LTATUM\Cookies\UZWNM8JN.txt [ Cookie:ltatum@burstnet.com/ ]
C:\USERS\LTATUM\Cookies\JWGTCHRP.txt [ Cookie:ltatum@clicksor.com/ ]
C:\USERS\LTATUM\Cookies\YAJ8V6J5.txt [ Cookie:ltatum@gamersmedia.com/servlet/ajrotator/track/pt1220551 ]
C:\USERS\LTATUM\Cookies\SQ2M1QAJ.txt [ Cookie:ltatum@adtech.de/ ]
C:\USERS\LTATUM\Cookies\04GVXPB8.txt [ Cookie:ltatum@www.burstbeacon.com/ ]
C:\USERS\LTATUM\Cookies\ZVDG5TB3.txt [ Cookie:ltatum@eyeviewads.com/ ]
C:\USERS\LTATUM\Cookies\M115B8CC.txt [ Cookie:ltatum@stats.townnews.com/nhregister.com/ ]
C:\USERS\LTATUM\Cookies\UQRD28O2.txt [ Cookie:ltatum@statcounter.com/ ]
C:\USERS\LTATUM\Cookies\L1T7KAEB.txt [ Cookie:ltatum@click4college.com/ ]
C:\USERS\LTATUM\Cookies\6C4VDYI4.txt [ Cookie:ltatum@xiti.com/ ]
C:\USERS\LTATUM\Cookies\RUK8Q991.txt [ Cookie:ltatum@kontera.com/ ]

Trace.Known Threat Sources
C:\USERS\LTATUM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WC3RKGVG\crossdomain[1].xml [ cache:wista ]
C:\USERS\LTATUM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WC3RKGVG\59b8caa9266b8_2174314[1].flv [ cache:wista ]
C:\USERS\LTATUM\Local Settings\Temporary Internet Files\Content.IE5\WC3RKGVG\crossdomain[1].xml [ cache:wista ]
C:\USERS\LTATUM\Local Settings\Temporary Internet Files\Content.IE5\WC3RKGVG\59b8caa9266b8_2174314[1].flv [ cache:wista ]

PUP.SoftDownloader
C:\USERS\LTATUM\DESKTOP\HIJACKTHIS SETUP.EXE
C:\Windows\Prefetch\HIJACKTHIS SETUP.EXE-C1613C16.pf
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 04:15 PM #10
You didn't answer my question in post #7.

Don't forget about post #8.

------------------------------------------------------
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
28-Jun-2012, 04:18 PM #11
Sorry

I don't hear the ads any longer but the machine isn't connected to the internet right now. I will connect and then listen.

I updated the Java platform and removed the skpe app
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 04:26 PM #12
Click Start - Run, then type in

%temp% (% is the percent symbol in the number 5 key)

and then click OK.

Once that temp folder appears and you can view its contents, select and delete EVERYTHING that's inside it.

If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

If a massive number of files are being deleted, the computer may appear to "hang". Be patient and wait for the deletion process to finish.

After it's done, restart the computer.

-----------------------------------------------------
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
28-Jun-2012, 04:32 PM #13
ok that has been completed.
flavallee's Avatar
flavallee   (Frank) flavallee is online now flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,952 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
28-Jun-2012, 04:37 PM #14
Quote:
Originally Posted by ptstrawther View Post
ok that has been completed.


A large buildup of temp files can cause various problems, and that temp folder is a good place for "nasties" to hide.

That's why I consider it part of regular computer maintenance.

------------------------------------------------------
ptstrawther's Avatar
ptstrawther ptstrawther is offline
Member with 22 posts.
THREAD STARTER
 
Join Date: Jun 2012
Experience: Advanced
28-Jun-2012, 04:40 PM #15
excellent. So that should be it?
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑