Need help with possible virus

ptstrawther · 24-Jun-2012, 09:20 PM #1

The computer is playing various advertising commercials while browsing on the web. I think I am being redirected to other websites as well.

I have disconnected the infected PC from my network and I have completed the following logs. I have also have run malware bytes in safe-mode but the results came back with no infected files.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:47:43 PM, on 6/24/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [EPSON Stylus CX9400Fax Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFA.EXE /FU "C:\Windows\TEMP\E_S2E8E.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11404 bytes

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by LTatum at 19:49:19 on 2012-06-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2704 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [EPSON Stylus CX9400Fax Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFA.EXE /FU "C:\Windows\TEMP\E_S2E8E.tmp" /EF "HKCU"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [<NO NAME>]
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\LTatum\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6D799951-6725-458A-A13A-71550E12849B} : DhcpNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun-x64: [(Default)]
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2010-1-11 155648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-5 13336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-12-22 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-12-22 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 257224]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-5 1692480]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-24 23:05:14 388096 ----a-r- C:\Users\LTatum\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-24 23:05:13 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-06-24 19:28:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-22 20:01:09 -------- d-----w- C:\Program Files (x86)\Nmap
2012-06-22 20:01:08 -------- d-----w- C:\ProgramData\XDMessaging
2012-06-22 20:00:59 -------- d-----w- C:\Program Files (x86)\iYogi
2012-06-22 19:56:33 -------- d-----w- C:\Program Files (x86)\PC Optimizer Renewal
2012-06-22 12:27:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{375150A6-E68B-4095-8B8E-C76034D7CA2D}
2012-06-22 12:27:04 -------- d-----w- C:\Users\LTatum\AppData\Local\{46BE565E-40D6-4DC0-8A75-A4DD4D7F2928}
2012-06-22 06:15:45 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 06:15:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 06:15:26 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 06:15:26 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-22 00:37:30 -------- d-----w- C:\Windows\pss
2012-06-21 23:37:53 -------- dc-h--w- C:\ProgramData\{CBCE2F73-24E4-481F-84B2-1A5EB720D187}
2012-06-21 23:37:05 -------- d-----w- C:\Users\LTatum\AppData\Local\PackageAware
2012-06-21 22:07:57 -------- d-----w- C:\APCT
2012-06-21 22:07:44 -------- d-----w- C:\Users\LTatum\AppData\Roaming\iYogi
2012-06-21 22:03:31 77312 ----a-w- C:\Windows\SysWow64\ztvunace26.dll
2012-06-21 22:03:31 75264 ----a-w- C:\Windows\SysWow64\unacev2.dll
2012-06-21 22:03:31 69632 ----a-w- C:\Windows\SysWow64\ztvcabinet.dll
2012-06-21 22:03:31 162304 ----a-w- C:\Windows\SysWow64\ztvunrar36.dll
2012-06-21 22:03:31 153088 ----a-w- C:\Windows\SysWow64\UNRAR3.dll
2012-06-21 22:03:30 -------- d-----w- C:\ProgramData\Simply Super Software
2012-06-21 22:03:30 -------- d-----w- C:\Program Files (x86)\Trojan Remover
2012-06-21 22:01:51 279317322 ----a-w- C:\backup.reg
2012-06-21 20:52:38 -------- d-----w- C:\Users\LTatum\AppData\Roaming\QuickScan
2012-06-21 20:51:58 -------- d-----w- C:\ProgramData\SmartPCScan
2012-06-21 20:48:05 -------- d-----w- C:\Users\LTatum\AppData\Roaming\Malwarebytes
2012-06-21 20:47:54 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-21 20:42:41 -------- d-----w- C:\Program Files (x86)\iYogi Support Dock
2012-06-21 15:49:55 -------- d-----w- C:\Users\LTatum\AppData\Local\{C0F7B890-3548-4A26-9CE2-5367DF41320C}
2012-06-21 15:49:45 -------- d-----w- C:\Users\LTatum\AppData\Local\{344AE900-3109-4B43-9021-5137C7DC8026}
2012-06-21 15:45:42 -------- d-----w- C:\Windows\en
2012-06-21 15:43:27 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-21 15:40:29 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\DXSETUP.exe
2012-06-21 15:40:29 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\dsetup32.dll
2012-06-21 15:40:29 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2fb53ff81cd4fc407\MeshBetaRemover.exe
2012-06-21 15:40:28 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\DSETUP.dll
2012-06-21 15:40:23 -------- d-----w- C:\Users\LTatum\AppData\Local\{7613BE45-5167-4D6D-8465-3D2DC8C87F0B}
2012-06-21 15:39:47 -------- d-----w- C:\Users\LTatum\AppData\Local\{69DB9448-5722-4430-98CF-3824E84FD0BC}
2012-06-21 15:39:36 -------- d-----w- C:\Users\LTatum\AppData\Local\{256CF503-EA63-4490-96FC-4C34FEC2F828}
2012-06-19 20:59:30 -------- d-----w- C:\Users\LTatum\AppData\Local\{CDF3701A-B43D-4491-9607-8913FF34BF57}
2012-06-19 20:59:14 -------- d-----w- C:\Users\LTatum\AppData\Local\{A7898F41-25D1-4F03-80DE-5AAD645A5474}
2012-06-18 12:03:12 -------- d-----w- C:\Users\LTatum\AppData\Local\{5D089F18-C2DD-4149-B937-60063D653EE6}
2012-06-17 19:06:31 -------- d-----w- C:\Users\LTatum\AppData\Local\{32FF978D-99D9-4167-87C8-0641E375CA9D}
2012-06-16 12:35:42 -------- d-----w- C:\Users\LTatum\AppData\Local\{6577763D-8202-491A-9A0B-EA711027379E}
2012-06-16 00:31:53 -------- d-----w- C:\Users\LTatum\AppData\Local\{2F2A4189-ED9C-4474-AB82-3DE3689EDFA5}
2012-06-13 14:36:06 -------- d-----w- C:\Users\LTatum\AppData\Local\{DF1D5D66-3369-4446-8DC7-8BC8D024B3E9}
2012-06-13 14:35:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{917F9E9F-994D-48C1-AFE4-D9B8E703C5CF}
2012-06-13 14:17:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{CEC0AAE8-3CAC-4C6C-A9DB-9AFFE4B4F405}
2012-06-13 14:17:05 -------- d-----w- C:\Users\LTatum\AppData\Local\{56841181-5AA1-4C0E-9692-5C0BDEC4F0AA}
2012-06-13 13:48:10 -------- d-----w- C:\Users\LTatum\AppData\Local\{F9AE8D07-A034-4D89-AC2B-033A61BF92E6}
2012-06-13 13:47:59 -------- d-----w- C:\Users\LTatum\AppData\Local\{CF1B6FD9-C9C2-4486-AE8C-6DA4013E4C51}
2012-06-13 05:47:02 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 05:47:02 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 05:47:01 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-13 05:46:06 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-06-13 05:45:41 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-13 05:45:39 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-13 05:45:39 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-13 05:45:10 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-13 05:44:42 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-06-13 05:44:15 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-06-13 05:44:14 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-06-13 05:44:08 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-06-13 05:44:07 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-06-13 05:44:07 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-06-13 05:44:07 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-06-13 05:44:06 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-06-13 05:44:05 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-06-13 00:51:51 -------- d-----w- C:\Users\LTatum\AppData\Local\{6E1B2684-9ECA-4F49-86B1-F3378BCC0FC9}
2012-06-13 00:51:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{4B3ACDA6-D2C6-49B0-BE72-BFCAE96073C9}
2012-06-12 15:17:24 -------- d-----w- C:\Users\LTatum\AppData\Local\{5309EA47-A33F-48CE-BFCB-DCF8C1034FF0}
2012-06-12 15:17:14 -------- d-----w- C:\Users\LTatum\AppData\Local\{D5E204C7-3BFA-4643-8FD1-171F989D1B88}
2012-06-08 16:42:19 -------- d-----w- C:\Users\LTatum\AppData\Local\{ED13C14F-ECB4-4D67-9726-EB7BFA4527B9}
2012-06-08 16:42:09 -------- d-----w- C:\Users\LTatum\AppData\Local\{02546748-BAE7-4D78-82D3-BFCCB1204448}
2012-06-08 14:30:36 -------- d-----w- C:\Users\LTatum\AppData\Local\{9D28A1FA-EF93-4352-BAD4-0A53A4D8C156}
2012-06-08 14:30:25 -------- d-----w- C:\Users\LTatum\AppData\Local\{E99D1455-0C64-40B5-A28C-484569F8A1A8}
2012-06-08 13:43:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{94C87087-3D77-4A5D-8F3F-3114E2FE429E}
2012-06-08 13:43:45 -------- d-----w- C:\Users\LTatum\AppData\Local\{91691764-AE89-41AB-9679-5922E76A2F3F}
2012-06-07 15:23:38 -------- d-----w- C:\Users\LTatum\AppData\Local\{6FB2DE62-FDCC-43C4-A61A-F3BA558090AA}
2012-06-07 15:23:28 -------- d-----w- C:\Users\LTatum\AppData\Local\{3083B39A-47D1-4D83-8F7B-1E7A5B310EC9}
2012-06-06 23:58:04 -------- d-----w- C:\Users\LTatum\AppData\Local\{898726AA-7BBC-4B04-A1BC-A20452D84CD3}
2012-06-06 23:57:53 -------- d-----w- C:\Users\LTatum\AppData\Local\{413A3C3C-6D41-4087-A82A-2F29097DC5CC}
2012-06-06 17:55:13 -------- d-----w- C:\Users\LTatum\AppData\Local\{EA51FBC4-92C3-4E76-8904-50D60429C77D}
2012-06-06 17:55:03 -------- d-----w- C:\Users\LTatum\AppData\Local\{7875012D-5F8C-4F9B-9665-298834027618}
2012-06-06 16:33:37 -------- d-----w- C:\Users\LTatum\AppData\Local\{7D821715-00FC-4DCF-ABAF-8B2CF47CD599}
2012-06-06 16:33:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{B2C6D438-2F64-49EC-ACB3-315CDD852328}
2012-06-05 20:56:52 -------- d-----w- C:\Users\LTatum\AppData\Local\{7018B8BF-3730-49B2-A233-B4135CECB035}
2012-06-05 20:56:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{2F621097-2ED9-42EF-B6D8-F3A93F586DF0}
2012-06-05 19:32:37 -------- d-----w- C:\Users\LTatum\AppData\Local\{0D893943-3D79-4E73-AB91-EB00A505B756}
2012-06-05 19:32:27 -------- d-----w- C:\Users\LTatum\AppData\Local\{17430069-E073-4C8E-AEE8-D7F5DCCB359E}
2012-06-05 14:50:58 -------- d-----w- C:\Users\LTatum\AppData\Local\{8775437E-D3C7-41FE-A953-9157F35ED394}
2012-06-05 14:50:48 -------- d-----w- C:\Users\LTatum\AppData\Local\{B0A6C8F7-0BA2-40CF-8BB9-8063365AAA4B}
2012-06-04 16:50:13 -------- d-----w- C:\Users\LTatum\AppData\Local\{A12181EE-ADF8-4337-91F8-559C2EF317A9}
2012-06-04 16:50:03 -------- d-----w- C:\Users\LTatum\AppData\Local\{43AD9825-FAAC-48A0-B124-BDF88CFFB810}
2012-06-03 15:59:12 -------- d-----w- C:\Users\LTatum\AppData\Local\{F01EAA39-F10E-455B-A4AD-1E4D738A935B}
2012-06-03 15:59:02 -------- d-----w- C:\Users\LTatum\AppData\Local\{287B2615-5B31-4060-A5AA-9AFB373FD312}
2012-06-02 19:00:59 -------- d-----w- C:\Users\LTatum\AppData\Local\{94FA9A36-2268-4D52-961E-184FFD84AA0C}
2012-06-02 19:00:48 -------- d-----w- C:\Users\LTatum\AppData\Local\{7B9B1439-F8C7-4096-97DA-C893C7377881}
2012-06-02 15:58:34 -------- d-----w- C:\Users\LTatum\AppData\Local\{D4717EB2-1CBE-4565-91AB-BAC6C9266B01}
2012-06-02 15:58:24 -------- d-----w- C:\Users\LTatum\AppData\Local\{D4EA7C96-9D88-42B6-95B1-1FF2A5B4EE81}
2012-06-02 14:50:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{E2690EBC-6E5E-4438-A278-1A42EDCA4E91}
2012-06-02 14:50:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{103B7F68-D9D8-4EE0-A6D2-1CE326655439}
2012-06-02 14:46:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{FB930BFF-54E9-4DFC-A561-C98B11607176}
2012-05-30 16:02:00 -------- d-----w- C:\Users\LTatum\AppData\Local\{CA81264B-220C-4495-9763-046EAF0E3A45}
2012-05-30 16:01:50 -------- d-----w- C:\Users\LTatum\AppData\Local\{B026E788-17D4-4EEB-B111-6E61602CF37F}
2012-05-29 20:45:06 -------- d-----w- C:\Users\LTatum\AppData\Local\{E59A831A-5FAF-4B8F-993F-8E78630E449D}
2012-05-29 20:44:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{C70E95BB-B463-4760-BE37-B60B021C0832}
2012-05-29 20:11:09 -------- d-----w- C:\Users\LTatum\AppData\Local\{93A28B5B-EE7C-4CA7-B300-A0383AB39625}
2012-05-29 20:10:58 -------- d-----w- C:\Users\LTatum\AppData\Local\{06FE38CA-0A98-412E-8FD5-BE5CF961065F}
2012-05-29 18:27:10 -------- d-----w- C:\Users\LTatum\AppData\Local\{81E5F753-2843-4CB3-BFD1-68BF59FBE13D}
2012-05-29 18:27:00 -------- d-----w- C:\Users\LTatum\AppData\Local\{7812D4F9-81C0-461D-9F8A-4D131084CBB4}
2012-05-29 13:46:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{ABB11B6B-EB48-46D1-872E-A8FA88E6826D}
2012-05-29 13:46:31 -------- d-----w- C:\Users\LTatum\AppData\Local\{594E7DBB-015F-4B92-81B8-F2E023105EE8}
2012-05-28 13:25:00 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
.
==================== Find3M ====================
.
2012-06-13 13:08:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-13 13:08:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-05 08:54:10 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-28 21:37:39 102248 ----a-w- C:\Users\LTatum\GoToAssistDownloadHelper.exe
.
============= FINISH: 19:57:50.96 ===============

ark.txt was blank

ptstrawther · 26-Jun-2012, 12:12 PM #2

bump

ptstrawther · 28-Jun-2012, 08:52 AM #3

bump

flavallee · 28-Jun-2012, 12:09 PM #4

Download and save and then install the free version of

SUPERAntiSpyware 5.5.0.1006

Make sure to update its definition files during the install process.

Make sure to uncheck and decline to install any extras, such as toolbars and homepages, it may offer.

After it's installed and updated, restart the computer.

Start it, then run a quick scan.

When the scan is finished, select and remove EVERYTHING it found.

Restart the computer, if prompted to, so the removal process can finish.

----------------------------------------------------------------

flavallee · 28-Jun-2012, 12:12 PM #5

Go to Control Panel - Programs And Features, then uninstall

Ask Toolbar

Bing Bar

-----------------------------------------------------------

ptstrawther · 28-Jun-2012, 02:50 PM #6

Thank you
I have completed all three tasks.. Shall I do anything else?

The program removed numerous threats

flavallee · 28-Jun-2012, 04:38 PM #7

I'm going to assume that you selected and removed EVERYTHING that was found.

Start SUPERAntiSpyware.

Click "View Scan Logs".

Highlight the most current scan log entry, then click "View Selected Log".

When the scan log appears in Notepad, copy-and-paste it here.

--------------------------------------------------

Are you still receiving the commercial ads?

--------------------------------------------------

flavallee · 28-Jun-2012, 04:40 PM #8

Java(TM) 6 Update 30 needs to be updated to Java SE Runtime Environment 6 Update 33
("Windows x64" 16.41 MB file)

The new version will replace the old version, so there's no need to uninstall the old version first.

-----------------------------------------------

Skype 4.2 is very outdated.

If you're no longer using it, uninstall it.

-----------------------------------------------

ptstrawther · 28-Jun-2012, 04:43 PM #9

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/28/2012 at 01:26 PM

Application Version : 5.5.1006

Core Rules Database Version : 8813
Trace Rules Database Version: 6625

Scan type : Quick Scan
Total Scan Time : 00:05:59

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 334
Memory threats detected : 0
Registry items scanned : 27070
Registry threats detected : 0
File items scanned : 13450
File threats detected : 169

Adware.Tracking Cookie
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\F1XBUYYU.txt [ /yieldmanager.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OIVS52KS.txt [ /questionmarket.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4EIPB6C8.txt [ /ads.pointroll.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\QI0EVYX2.txt [ /ru4.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\A1SUMGZC.txt [ /www.burstnet.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\FWDWNNZK.txt [ /ad-vice.biz ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MFDDVB0N.txt [ /bs.serving-sys.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MZODDPP2.txt [ /zedo.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\XPUMW90P.txt [ /collective-media.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\A19K20JC.txt [ /fastclick.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\3NM822VD.txt [ /advertising.ezanga.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\35FO57Y0.txt [ /pointroll.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\614Q72GG.txt [ /ads.blogtalkradio.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\R3IM1ZWC.txt [ /ad.yieldmanager.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JKWM32YV.txt [ /imrworldwide.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\NCYWDYB0.txt [ /ads.pubmatic.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JJZ00T5Y.txt [ /adfarm1.adition.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\W5G361LK.txt [ /mediaplex.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\KPMN4REK.txt [ /ad.360yield.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5MJ0J8EX.txt [ /ads.doubleagent.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6ZYT74G5.txt [ /msnportal.112.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\GXA06P6T.txt [ /ox-d.fondnessmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\G7KFGWRE.txt [ /adxpose.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5KLELXHW.txt [ /dc.tremormedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HIMOIJWC.txt [ /ads.adk2.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\89ZQCQZ0.txt [ /amazon-adsystem.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\EO54926E.txt [ /ads.footar.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V9HQT75A.txt [ /solvemedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6S4DY61B.txt [ /media6degrees.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\D4SVBJOW.txt [ /adnetwork.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\WSIZG7WS.txt [ /in.getclicky.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\H6IY1C6C.txt [ /legolas-media.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5BMKTPSZ.txt [ /adserver.adtechus.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TEFTJ7R9.txt [ /drivingaroundthetrack.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6NYC4B6B.txt [ /adbrite.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\45RI41T8.txt [ /lucidmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JYTGXVYA.txt [ /ad2.adfarm1.adition.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JKVUVOTE.txt [ /interclick.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\51LKABKG.txt [ /ads.saymedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HKLG05C6.txt [ /advertising.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OEWM1I3J.txt [ /media.adfrontiers.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V62ZVDHV.txt [ /find-great.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UR5U1W2F.txt [ /doubleclick.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OCNMZHN6.txt [ /geconsumerfinance.112.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\AG62DPMI.txt [ /revsci.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HVD7XA7K.txt [ /pro-market.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\FC1ZPIG1.txt [ /accountonline.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\NHTZU6R8.txt [ /intermundomedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3ZXINCW.txt [ /mediaservices-d.openxenterprise.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\DWP04XIX.txt [ /liveperson.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\7FTWOPMF.txt [ /casalemedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3GRRRQF.txt [ /www.hrsaccount.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JIJ0IMKO.txt [ /ads.gamersmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TMM8DYDC.txt [ /alliancedata.122.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JIVS46Y3.txt [ /1sadx.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TWJ47UO6.txt [ /247realmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\8P3DG6I8.txt [ /realmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BCIXBL06.txt [ /ads.ookla.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BS1T0THL.txt [ /server.iad.liveperson.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\Z61A853A.txt [ /xml.trafficengine.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I344Z7FD.txt [ /stat.onestat.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HOGU1G99.txt [ /mm.chitika.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\Y7S82KMI.txt [ /myroitracking.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V67RZUJ5.txt [ /atdmt.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\3GMCV19K.txt [ /at.atwola.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BEMLAIDP.txt [ /liveperson.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\T15IVIRX.txt [ /ads.undertone.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\8ADL2U7M.txt [ /serving-sys.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\17ATWVF6.txt [ /ad.wsod.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MSBHZJ0M.txt [ /trafficmp.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TJCRLOJ7.txt [ /journalregistercompany.122.2o7.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\62FVPX1W.txt [ /tribalfusion.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\ZBSHYWPK.txt [ /counter.hitslink.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5X6LM67L.txt [ /apmebf.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\VR046W81.txt [ /openx.overadmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\P10ABNAZ.txt [ /specificclick.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TDY9CZ6A.txt [ /network.realmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\P6QJEAP3.txt [ /citi.bridgetrack.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UZWNM8JN.txt [ /burstnet.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\D7E80J08.txt [ /ads.intergi.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3GA3PEB.txt [ /invitemedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4N7YG466.txt [ /insightexpressai.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JWGTCHRP.txt [ /clicksor.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4TQQYAPP.txt [ /enhance.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\YAJ8V6J5.txt [ /gamersmedia.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\SQ2M1QAJ.txt [ /adtech.de ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\CVLF48GL.txt [ /ad.allvoices.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\04GVXPB8.txt [ /www.burstbeacon.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\RNK66DZU.txt [ /seeclickfix.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\AO6EB6KI.txt [ /ads.us.e-planning.net ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\ZVDG5TB3.txt [ /eyeviewads.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HFY7ZM0Z.txt [ /burstbeacon.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\M115B8CC.txt [ /stats.townnews.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UQRD28O2.txt [ /statcounter.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\L1T7KAEB.txt [ /click4college.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\0B8WIO5H.txt [ /t.pointroll.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6C4VDYI4.txt [ /xiti.com ]
C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\RUK8Q991.txt [ /kontera.com ]
C:\USERS\LTATUM\AppData\Roaming\Microsoft\Windows\Cookies\RU2Z0T5H.txt [ Cookie:ltatum@adsonar.com/adserving ]
C:\USERS\LTATUM\Cookies\F1XBUYYU.txt [ Cookie:ltatum@yieldmanager.net/ ]
C:\USERS\LTATUM\Cookies\OIVS52KS.txt [ Cookie:ltatum@questionmarket.com/ ]
C:\USERS\LTATUM\Cookies\4EIPB6C8.txt [ Cookie:ltatum@ads.pointroll.com/ ]
C:\USERS\LTATUM\Cookies\MFDDVB0N.txt [ Cookie:ltatum@bs.serving-sys.com/ ]
C:\USERS\LTATUM\Cookies\MZODDPP2.txt [ Cookie:ltatum@zedo.com/ ]
C:\USERS\LTATUM\Cookies\XPUMW90P.txt [ Cookie:ltatum@collective-media.net/ ]
C:\USERS\LTATUM\Cookies\3NM822VD.txt [ Cookie:ltatum@advertising.ezanga.com/ ]
C:\USERS\LTATUM\Cookies\35FO57Y0.txt [ Cookie:ltatum@pointroll.com/ ]
C:\USERS\LTATUM\Cookies\R3IM1ZWC.txt [ Cookie:ltatum@ad.yieldmanager.com/ ]
C:\USERS\LTATUM\Cookies\JKWM32YV.txt [ Cookie:ltatum@imrworldwide.com/cgi-bin ]
C:\USERS\LTATUM\Cookies\RU2Z0T5H.txt [ Cookie:ltatum@adsonar.com/adserving ]
C:\USERS\LTATUM\Cookies\W5G361LK.txt [ Cookie:ltatum@mediaplex.com/ ]
C:\USERS\LTATUM\Cookies\6ZYT74G5.txt [ Cookie:ltatum@msnportal.112.2o7.net/ ]
C:\USERS\LTATUM\Cookies\GXA06P6T.txt [ Cookie:ltatum@ox-d.fondnessmedia.com/ ]
C:\USERS\LTATUM\Cookies\G7KFGWRE.txt [ Cookie:ltatum@adxpose.com/ ]
C:\USERS\LTATUM\Cookies\5KLELXHW.txt [ Cookie:ltatum@dc.tremormedia.com/ ]
C:\USERS\LTATUM\Cookies\V9HQT75A.txt [ Cookie:ltatum@solvemedia.com/ ]
C:\USERS\LTATUM\Cookies\6S4DY61B.txt [ Cookie:ltatum@media6degrees.com/ ]
C:\USERS\LTATUM\Cookies\D4SVBJOW.txt [ Cookie:ltatum@adnetwork.net/ ]
C:\USERS\LTATUM\Cookies\WSIZG7WS.txt [ Cookie:ltatum@in.getclicky.com/ ]
C:\USERS\LTATUM\Cookies\5BMKTPSZ.txt [ Cookie:ltatum@adserver.adtechus.com/ ]
C:\USERS\LTATUM\Cookies\6NYC4B6B.txt [ Cookie:ltatum@adbrite.com/ ]
C:\USERS\LTATUM\Cookies\JYTGXVYA.txt [ Cookie:ltatum@ad2.adfarm1.adition.com/ ]
C:\USERS\LTATUM\Cookies\JKVUVOTE.txt [ Cookie:ltatum@interclick.com/ ]
C:\USERS\LTATUM\Cookies\51LKABKG.txt [ Cookie:ltatum@ads.saymedia.com/ ]
C:\USERS\LTATUM\Cookies\HKLG05C6.txt [ Cookie:ltatum@advertising.com/ ]
C:\USERS\LTATUM\Cookies\OEWM1I3J.txt [ Cookie:ltatum@media.adfrontiers.com/ ]
C:\USERS\LTATUM\Cookies\OCNMZHN6.txt [ Cookie:ltatum@geconsumerfinance.112.2o7.net/ ]
C:\USERS\LTATUM\Cookies\AG62DPMI.txt [ Cookie:ltatum@revsci.net/ ]
C:\USERS\LTATUM\Cookies\FC1ZPIG1.txt [ Cookie:ltatum@accountonline.com/ ]
C:\USERS\LTATUM\Cookies\NHTZU6R8.txt [ Cookie:ltatum@intermundomedia.com/ ]
C:\USERS\LTATUM\Cookies\I3ZXINCW.txt [ Cookie:ltatum@mediaservices-d.openxenterprise.com/ ]
C:\USERS\LTATUM\Cookies\7FTWOPMF.txt [ Cookie:ltatum@casalemedia.com/ ]
C:\USERS\LTATUM\Cookies\I3GRRRQF.txt [ Cookie:ltatum@www.hrsaccount.com/ ]
C:\USERS\LTATUM\Cookies\JIJ0IMKO.txt [ Cookie:ltatum@ads.gamersmedia.com/ ]
C:\USERS\LTATUM\Cookies\TMM8DYDC.txt [ Cookie:ltatum@alliancedata.122.2o7.net/ ]
C:\USERS\LTATUM\Cookies\JIVS46Y3.txt [ Cookie:ltatum@1sadx.net/ ]
C:\USERS\LTATUM\Cookies\TWJ47UO6.txt [ Cookie:ltatum@247realmedia.com/ ]
C:\USERS\LTATUM\Cookies\8P3DG6I8.txt [ Cookie:ltatum@realmedia.com/ ]
C:\USERS\LTATUM\Cookies\BS1T0THL.txt [ Cookie:ltatum@server.iad.liveperson.net/ ]
C:\USERS\LTATUM\Cookies\Z61A853A.txt [ Cookie:ltatum@xml.trafficengine.net/ ]
C:\USERS\LTATUM\Cookies\I344Z7FD.txt [ Cookie:ltatum@stat.onestat.com/ ]
C:\USERS\LTATUM\Cookies\HOGU1G99.txt [ Cookie:ltatum@mm.chitika.net/ ]
C:\USERS\LTATUM\Cookies\Y7S82KMI.txt [ Cookie:ltatum@myroitracking.com/ ]
C:\USERS\LTATUM\Cookies\V67RZUJ5.txt [ Cookie:ltatum@atdmt.com/ ]
C:\USERS\LTATUM\Cookies\3GMCV19K.txt [ Cookie:ltatum@at.atwola.com/ ]
C:\USERS\LTATUM\Cookies\MSBHZJ0M.txt [ Cookie:ltatum@trafficmp.com/ ]
C:\USERS\LTATUM\Cookies\TJCRLOJ7.txt [ Cookie:ltatum@journalregistercompany.122.2o7.net/ ]
C:\USERS\LTATUM\Cookies\5X6LM67L.txt [ Cookie:ltatum@apmebf.com/ ]
C:\USERS\LTATUM\Cookies\VR046W81.txt [ Cookie:ltatum@openx.overadmedia.com/ ]
C:\USERS\LTATUM\Cookies\P10ABNAZ.txt [ Cookie:ltatum@specificclick.net/ ]
C:\USERS\LTATUM\Cookies\TDY9CZ6A.txt [ Cookie:ltatum@network.realmedia.com/ ]
C:\USERS\LTATUM\Cookies\P6QJEAP3.txt [ Cookie:ltatum@citi.bridgetrack.com/ ]
C:\USERS\LTATUM\Cookies\UZWNM8JN.txt [ Cookie:ltatum@burstnet.com/ ]
C:\USERS\LTATUM\Cookies\JWGTCHRP.txt [ Cookie:ltatum@clicksor.com/ ]
C:\USERS\LTATUM\Cookies\YAJ8V6J5.txt [ Cookie:ltatum@gamersmedia.com/servlet/ajrotator/track/pt1220551 ]
C:\USERS\LTATUM\Cookies\SQ2M1QAJ.txt [ Cookie:ltatum@adtech.de/ ]
C:\USERS\LTATUM\Cookies\04GVXPB8.txt [ Cookie:ltatum@www.burstbeacon.com/ ]
C:\USERS\LTATUM\Cookies\ZVDG5TB3.txt [ Cookie:ltatum@eyeviewads.com/ ]
C:\USERS\LTATUM\Cookies\M115B8CC.txt [ Cookie:ltatum@stats.townnews.com/nhregister.com/ ]
C:\USERS\LTATUM\Cookies\UQRD28O2.txt [ Cookie:ltatum@statcounter.com/ ]
C:\USERS\LTATUM\Cookies\L1T7KAEB.txt [ Cookie:ltatum@click4college.com/ ]
C:\USERS\LTATUM\Cookies\6C4VDYI4.txt [ Cookie:ltatum@xiti.com/ ]
C:\USERS\LTATUM\Cookies\RUK8Q991.txt [ Cookie:ltatum@kontera.com/ ]

Trace.Known Threat Sources
C:\USERS\LTATUM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WC3RKGVG\crossdomain[1].xml [ cache:wista ]
C:\USERS\LTATUM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WC3RKGVG\59b8caa9266b8_2174314[1].flv [ cache:wista ]
C:\USERS\LTATUM\Local Settings\Temporary Internet Files\Content.IE5\WC3RKGVG\crossdomain[1].xml [ cache:wista ]
C:\USERS\LTATUM\Local Settings\Temporary Internet Files\Content.IE5\WC3RKGVG\59b8caa9266b8_2174314[1].flv [ cache:wista ]

PUP.SoftDownloader
C:\USERS\LTATUM\DESKTOP\HIJACKTHIS SETUP.EXE
C:\Windows\Prefetch\HIJACKTHIS SETUP.EXE-C1613C16.pf

flavallee · 28-Jun-2012, 05:15 PM **#10**

You didn't answer my question in post #7.

Don't forget about post #8.

------------------------------------------------------

ptstrawther · 28-Jun-2012, 05:18 PM **#11**

Sorry

I don't hear the ads any longer but the machine isn't connected to the internet right now. I will connect and then listen.

I updated the Java platform and removed the skpe app

flavallee · 28-Jun-2012, 05:26 PM **#12**

Click Start - Run, then type in

%temp% (% is the percent symbol in the number 5 key)

and then click OK.

Once that temp folder appears and you can view its contents, select and delete EVERYTHING that's inside it.

If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

If a massive number of files are being deleted, the computer may appear to "hang". Be patient and wait for the deletion process to finish.

After it's done, restart the computer.

-----------------------------------------------------

ptstrawther · 28-Jun-2012, 05:32 PM **#13**

ok that has been completed.

flavallee · 28-Jun-2012, 05:37 PM **#14**

Quote:

Originally Posted by ptstrawther

ok that has been completed.

A large buildup of temp files can cause various problems, and that temp folder is a good place for "nasties" to hide.

That's why I consider it part of regular computer maintenance.

------------------------------------------------------

ptstrawther · 28-Jun-2012, 05:40 PM **#15**

excellent. So that should be it?

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for:

Need help with possible virus

Find the solution to your computer problem!

Find the solution to your
computer problem!