
funmoods

Discussion in 'Virus & Other Malware Removal' started by esmereldafishwif, May 26, 2012.

  1. esmereldafishwif

    esmereldafishwif Thread Starter

    Hi there - I am having trouble following the download of the funmoods toolbar. I play Evony and I cannot seem to get onto it at all - it is like it is blocked. Even when I tried to get on the Evony forums to find a solution the page would not load. I know it's not Evony because other people can log onto my account there and use it.

    I post the following reports I have made following your advice.

    Hijackthis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:44:20, on 26/05/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\vVX1000.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
    C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
    C:\Program Files (x86)\STOPzilla!\SZOptionsFlash.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
    Q:\140061.enu\Office14\EXCEL.EXE
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\Downloads\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/?ocid=OIE9HP
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=11...HP_ss&mntrId=f212666100000000000070f1a17d8f84
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr...xtreme_m5800&r=17361210i306pe4c5v125y5621213q
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80780&lng=en
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80780
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80780&lng=en
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80780
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - (no file)
    R3 - URLSearchHook: (no name) - {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} - (no file)
    F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Recipe Hub - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - (no file)
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    O4 - HKLM\..\Run: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Lucy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [PC Cleaner] C:\Program Files (x86)\PC Cleaner\PCCLauncher.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
    O4 - Startup: CurseClientStartup.ccip
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Search - http://tbedits.recipehub.com/one-to...04B3-9E59-4909-94FB-7FA0C018839B&n=2012050815
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 14850 bytes


    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
    Run by Lucy at 12:47:43 on 2012-05-26
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3063.515 [GMT 1:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: STOPzilla Anti-Spyware *Enabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\AVAST Software\Avast\afwServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\vVX1000.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe
    C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
    C:\OEM\USBDECTION\USBS3S4Detection.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Users\Lucy\AppData\Local\Apps\2.0\OX1VYE3V.02C\BCOWW0Z3.1R6\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Packard Bell\Software Suite SE\SEDevDetect.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUI.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
    Q:\140061.enu\Office14\EXCEL.EXE
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Lucy\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.babylon.com/?affID=111803&tt=180312_cp2&babsrc=HP_ss&mntrId=f212666100000000000070f1a17d8f84
    uWindow Title = Internet Explorer, optimized for Bing and MSN
    uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=ixtreme_m5800&r=17361210i306pe4c5v125y5621213q
    mStart Page = hxxp://home.sweetim.com
    mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80780&lng=en
    mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80780
    uURLSearchHooks: H - No File
    uURLSearchHooks: N/A: {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} -
    mWinlogon: Userinit=c:\windows\syswow64\userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    TB: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} -
    TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    uRun: [Software Suite SE] "C:\Program Files (x86)\Packard Bell\Software Suite SE\SoftSuiteSE.exe" /run
    uRun: [Google Update] "C:\Users\Lucy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [PC Cleaner] C:\Program Files (x86)\PC Cleaner\PCCLauncher.exe
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [FaxCenterServer] "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
    mRun: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    mRun: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    StartupFolder: C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: &Search - http://tbedits.recipehub.com/one-to...04B3-9E59-4909-94FB-7FA0C018839B&n=2012050815
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{065DA501-09EC-4E2C-9E5C-C2806652C19B}\34F6F6075627723702E4564777F627B6 : DhcpNameServer = 194.168.4.100 194.168.8.100
    TCP: Interfaces\{F0243EF4-9BD4-40DD-BE19-3B600CD5739B} : DhcpNameServer = 194.168.4.100 194.168.8.100
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SweetIM Toolbar Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    BHO-X64: SWEETIE - No File
    TB-X64: Recipe Hub: {cf51de5b-eb36-4114-bb69-84df63fbadb4} -
    TB-X64: SweetIM Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [FaxCenterServer] "C:\Program Files (x86)\\Lexmark Fax Solutions\fm3032.exe" /s
    mRun-x64: [Hotkey Utility] C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
    mRun-x64: [Packard Bell Photo Frame] C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\b0gx4h6n.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1339827&SearchSource=2&q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\coFFPlgn\components\coFFPlgn.dll
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\IPSFFPlgn\components\IPSFFPl.dll
    FF - component: C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\b0gx4h6n.default\extensions\{1aec5771-fcd6-4537-a6b7-5f1935fd527c}\components\RadioWMPCoreGecko19.dll
    FF - component: C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\b0gx4h6n.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Lucy\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\b0gx4h6n.default\extensions\{b67fa914-5d1d-4bea-97f0-87798333ad72}\plugins\np-mswmp.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extentions.y2layers.installId - 818454ce-e09d-4afc-a0b6-577d348f0877
    FF - user.js: extensions.funmoods.autoRvrt - false
    FF - user.js: extensions.funmoods.srchPrvdr - Search
    FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=bf4
    FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=bf4&q=
    FF - user.js: extensions.funmoods.id - f212666100000000000070f1a17d8f84
    FF - user.js: extensions.funmoods.instlDay - 15461
    FF - user.js: extensions.funmoods.vrsn - 1.5.19.3
    FF - user.js: extensions.funmoods.vrsni - 1.5.19.3
    FF - user.js: extensions.funmoods.prtnrId - funmoods
    FF - user.js: extensions.funmoods.prdct - funmoods
    FF - user.js: extensions.funmoods.aflt - bf4
    FF - user.js: extensions.funmoods.tlbrId - base
    FF - user.js: extensions.funmoods.instlRef -
    FF - user.js: extensions.funmoods.dfltLng -
    FF - user.js: extensions.funmoods.excTlbr - false
    FF - user.js: extensions.funmoods.admin - false
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111803&tt=180312_cp2
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.id - f212666100000000000070f1a17d8f84
    FF - user.js: extensions.BabylonToolbar_i.hardId - f212666100000000000070f1a17d8f84
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15463
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.175:59:38
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    FF - user.js: extensions.funmoods_i.hmpg - true
    FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=axl
    FF - user.js: extensions.funmoods_i.dfltSrch - true
    FF - user.js: extensions.funmoods_i.srchPrvdr - Search
    FF - user.js: extensions.funmoods_i.dnsErr - true
    FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=axl
    FF - user.js: extensions.funmoods_i.newTab - false
    FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=axl&q=
    FF - user.js: extensions.funmoods_i.id - f212666100000000000070f1a17d8f84
    FF - user.js: extensions.funmoods_i.instlDay - 15481
    FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
    FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
    FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1623:05:30
    FF - user.js: extensions.funmoods_i.prtnrId - funmoods
    FF - user.js: extensions.funmoods_i.prdct - funmoods
    FF - user.js: extensions.funmoods_i.aflt - axl
    FF - user.js: extensions.funmoods_i.smplGrp - none
    FF - user.js: extensions.funmoods_i.tlbrId - base
    FF - user.js: extensions.funmoods_i.instlRef -
    FF - user.js: extensions.funmoods_i.dfltLng -
    FF - user.js: extensions.funmoods_i.excTlbr - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
    R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
    R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]
    R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-20 44768]
    R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-5-9 134920]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 Greg_Service;GRegService;C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-8-28 1150496]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 Updater Service;Updater Service;C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-3-29 243232]
    R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-10 76320]
    R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
    R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 135664]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856]
    S3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-9 169312]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 257696]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 135664]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-22 129976]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-05-26 10:24:20 -------- d-----w- C:\Windows\pss
    2012-05-26 09:49:38 -------- d-----w- C:\Users\Lucy\AppData\Local\{91FA771B-FDC5-4BA1-ACDC-518C517A1F07}
    2012-05-26 09:48:59 -------- d-----w- C:\Users\Lucy\AppData\Local\{45CCB84B-D90C-4CC2-B2E5-D5DC58D0CF19}
    2012-05-26 05:48:01 0 ----a-w- C:\Windows\SysWow64\sho152E.tmp
    2012-05-26 05:37:41 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-05-25 21:35:35 -------- d-----w- C:\Users\Lucy\AppData\Local\{EA1F93CF-10EE-4104-9094-1557A891ABD3}
    2012-05-25 21:35:12 -------- d-----w- C:\Users\Lucy\AppData\Local\{8C2444E4-A76F-4D8B-A13C-A4421C67B527}
    2012-05-25 20:48:34 -------- d-----w- C:\Users\Lucy\AppData\Roaming\Malwarebytes
    2012-05-25 20:48:30 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-05-25 20:48:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-05-25 20:17:53 -------- d-----w- C:\Users\Lucy\AppData\Local\{59C023BC-1DBC-439E-B670-66112A55BE84}
    2012-05-25 20:17:22 -------- d-----w- C:\Users\Lucy\AppData\Local\{21AD6584-CD0E-4AAE-8295-0E3FE87388EA}
    2012-05-24 20:03:14 -------- d-----w- C:\Users\Lucy\AppData\Local\{46F1B9F1-1FB1-4E30-872E-B7EF754DB065}
    2012-05-24 20:03:02 -------- d-----w- C:\Users\Lucy\AppData\Local\{E30D47EF-6AF0-4447-8484-8BAEF9324FE1}
    2012-05-23 18:11:53 -------- d-----w- C:\Users\Lucy\AppData\Local\{D9DC2AA3-4114-459B-9798-ECC16EC62C9C}
    2012-05-23 18:11:30 -------- d-----w- C:\Users\Lucy\AppData\Local\{4A894754-DC91-4EBE-95F5-792A6D82D4EE}
    2012-05-22 18:35:05 -------- d-----w- C:\Users\Lucy\AppData\Local\{9560901D-3418-47E1-9549-82CBC33C5FD8}
    2012-05-22 18:34:46 -------- d-----w- C:\Users\Lucy\AppData\Local\{4B7D232E-9871-4006-B13D-C804002C0937}
    2012-05-22 06:34:09 -------- d-----w- C:\Users\Lucy\AppData\Local\{FE16FD46-AF8D-485E-8875-56E78E3DDDFC}
    2012-05-22 06:33:53 -------- d-----w- C:\Users\Lucy\AppData\Local\{635E83ED-299A-46AC-AD47-F92D0CB5A59E}
    2012-05-21 22:02:34 -------- d-----w- C:\Program Files (x86)\FYZip
    2012-05-21 18:33:20 -------- d-----w- C:\Users\Lucy\AppData\Local\{86F1ECB7-713C-4790-8B4E-42D3102FCD3B}
    2012-05-21 18:32:46 -------- d-----w- C:\Users\Lucy\AppData\Local\{6463FEE1-0C93-49B1-BD14-FB6EC81235F2}
    2012-05-20 13:40:04 -------- d-----w- C:\Users\Lucy\AppData\Local\{8F79BC1E-B8E2-40B9-BB87-92ECB2913945}
    2012-05-20 13:39:34 -------- d-----w- C:\Users\Lucy\AppData\Local\{8C727B85-216D-4B82-B3DB-2D2F22256B63}
    2012-05-20 13:36:07 -------- d-----w- C:\Users\Lucy\AppData\Local\{1459C90C-7D53-4C58-BA02-0E406C1024AE}
    2012-05-20 13:35:06 -------- d-----w- C:\Users\Lucy\AppData\Local\{60497723-4FDA-400C-9ED4-A1CC236C6385}
    2012-05-19 10:26:40 -------- d-----w- C:\Users\Lucy\AppData\Local\{78B309BB-73B1-4A32-9EBB-97164752818C}
    2012-05-19 10:26:25 -------- d-----w- C:\Users\Lucy\AppData\Local\{AE6A2B49-59E8-4FDE-9331-665113B62C37}
    2012-05-19 10:20:50 -------- d-----w- C:\Program Files (x86)\ATI Technologies
    2012-05-19 10:17:45 -------- d-----w- C:\Program Files\ATI Technologies
    2012-05-19 10:14:01 -------- d-----w- C:\AMD
    2012-05-19 10:08:44 -------- d-----w- C:\ProgramData\PC Drivers HeadQuarters
    2012-05-19 10:07:54 -------- d-----w- C:\Program Files (x86)\PC Drivers HeadQuarters
    2012-05-19 08:42:04 -------- d-----w- C:\Program Files (x86)\Diablo III
    2012-05-19 08:40:36 -------- d-----w- C:\ProgramData\Battle.net
    2012-05-18 21:41:27 -------- d-----w- C:\Users\Lucy\AppData\Local\{82C33707-7487-4491-BD88-95DCD40F59E5}
    2012-05-18 21:41:03 -------- d-----w- C:\Users\Lucy\AppData\Local\{E4479773-EA81-4D2E-BF54-87FE10404AA7}
    2012-05-17 19:52:21 -------- d-----w- C:\Users\Lucy\AppData\Local\{F9416F68-6DEB-4435-AE84-C588EFF21B4B}
    2012-05-17 19:51:42 -------- d-----w- C:\Users\Lucy\AppData\Local\{1C92F848-8A2F-4548-8F3F-F9CF8B5F2446}
    2012-05-16 17:59:48 -------- d-----w- C:\Users\Lucy\AppData\Local\{89DBD7A1-9EFE-498E-91F5-89116F5D982C}
    2012-05-16 17:59:21 -------- d-----w- C:\Users\Lucy\AppData\Local\{E8EFB33C-522A-443A-AB61-06641F1DE805}
    2012-05-15 15:31:09 -------- d-----w- C:\Users\Lucy\AppData\Local\{F3C42559-F9E2-4D46-8ABA-DC0F4F2C468C}
    2012-05-15 15:30:19 -------- d-----w- C:\Users\Lucy\AppData\Local\{4E322D68-F9A8-4579-B319-FE0C109994C1}
    2012-05-14 18:29:47 -------- d-----w- C:\Users\Lucy\AppData\Local\{767A6F53-E6D9-48E0-AA7C-656190EE8880}
    2012-05-14 18:29:02 -------- d-----w- C:\Users\Lucy\AppData\Local\{3F4FE7FF-C57B-48B4-8C85-22837845D4A3}
    2012-05-13 13:09:14 -------- d-----w- C:\Users\Lucy\AppData\Local\{A7E574A1-E5EB-4172-8327-6BE8E482E08D}
    2012-05-13 13:08:59 -------- d-----w- C:\Users\Lucy\AppData\Local\{1DCB4804-663C-4EF5-88D8-AAADC7E367EA}
    2012-05-12 22:00:40 -------- d-----w- C:\Users\Lucy\AppData\Local\{66431E9A-47EB-4F8C-AD89-9B9473D2A18C}
    2012-05-12 21:59:39 -------- d-----w- C:\Users\Lucy\AppData\Local\{60764E00-66C8-466B-9A2E-5E804CBBF9EE}
    2012-05-11 20:24:10 -------- d-----w- C:\Users\Lucy\AppData\Local\{605F7ACC-B1E6-4E4D-883B-B82F4B20B90A}
    2012-05-11 20:23:56 -------- d-----w- C:\Users\Lucy\AppData\Local\{8E723C3D-61E1-4AD8-85C0-0424F0413B28}
    2012-05-10 20:31:13 -------- d-----w- C:\Users\Lucy\AppData\Local\{80F263EA-CFC3-4325-9216-637C1D57DB6C}
    2012-05-10 20:30:48 -------- d-----w- C:\Users\Lucy\AppData\Local\{B443DEBB-DE82-42F2-9A12-98B6212A41C0}
    2012-05-09 19:04:26 141144 ----a-w- C:\Windows\System32\drivers\aswFW.sys
    2012-05-09 19:04:15 28504 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
    2012-05-09 19:04:15 258904 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
    2012-05-09 19:04:14 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
    2012-05-09 07:30:37 -------- d-----w- C:\Users\Lucy\AppData\Local\{F1BEADAB-5743-43DF-8FF6-F69E3474E2D6}
    2012-05-09 07:30:15 -------- d-----w- C:\Users\Lucy\AppData\Local\{082607AA-CB30-4E81-8F10-99E424A71ECA}
    2012-05-09 00:56:24 1544704 ----a-w- C:\Windows\System32\DWrite.dll
    2012-05-09 00:56:24 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2012-05-09 00:56:21 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-05-09 00:56:19 3146240 ----a-w- C:\Windows\System32\win32k.sys
    2012-05-09 00:56:18 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-05-09 00:56:17 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-05-09 00:55:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
    2012-05-09 00:55:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-05-09 00:55:44 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-09 00:55:44 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
    2012-05-09 00:55:44 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
    2012-05-09 00:55:43 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
    2012-05-09 00:55:43 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
    2012-05-08 19:43:40 -------- d--h--w- C:\ProgramData\Common Files
    2012-05-08 19:29:36 -------- d-----w- C:\Users\Lucy\AppData\Local\{CD58CC95-81D8-4271-A864-2328968EF186}
    2012-05-08 19:28:53 -------- d-----w- C:\Users\Lucy\AppData\Local\{3E96B028-56B8-4AEE-8EB4-7E1AED767C2E}
    2012-05-07 13:40:21 -------- d-----w- C:\Users\Lucy\AppData\Local\{0592968E-2D0F-4970-8BF5-47C4F7DCB352}
    2012-05-07 13:39:39 -------- d-----w- C:\Users\Lucy\AppData\Local\{1BC55AD8-6410-40E2-AB69-8C689DAD0368}
    2012-05-06 14:04:48 -------- d-----w- C:\Users\Lucy\AppData\Local\{FA1DEA2F-00AC-4AAD-956A-3CDF9A53BE91}
    2012-05-06 14:04:37 -------- d-----w- C:\Users\Lucy\AppData\Local\{D04AE3F3-F5CF-485D-9A66-C378999B6783}
    2012-05-03 19:26:34 57976 ----a-r- C:\Windows\System32\drivers\SBREDrv.sys
    2012-05-03 19:26:32 -------- d-----w- C:\Program Files (x86)\STOPzilla!
    2012-05-03 19:26:31 -------- d-----w- C:\ProgramData\STOPzilla!
    2012-05-03 19:26:31 -------- d-----w- C:\Program Files (x86)\Common Files\iS3
    2012-05-03 18:48:32 -------- d-----w- C:\Users\Lucy\AppData\Local\{4FE68127-E3B9-44A3-B7D2-6DEFF4EA78D9}
    2012-05-03 18:48:20 -------- d-----w- C:\Users\Lucy\AppData\Local\{9559673F-4989-4FE7-BD53-7231137C5BFB}
    2012-05-03 04:52:24 -------- d-----w- C:\Users\Lucy\AppData\Local\{869D28B2-2615-40C1-A03A-C8B1AC5017FE}
    2012-05-03 04:51:52 -------- d-----w- C:\Users\Lucy\AppData\Local\{296C9454-CE74-4ADF-9924-C943CC53EFBD}
    2012-05-01 18:32:50 -------- d-----w- C:\Program Files\Babylon
    2012-05-01 18:17:13 -------- d-----w- C:\ProgramData\Premium
    2012-05-01 18:17:03 -------- d-----w- C:\Program Files (x86)\wxDownload Fast
    2012-05-01 18:16:58 -------- d-----w- C:\ProgramData\wxDfast
    2012-05-01 18:16:43 -------- d-----w- C:\ProgramData\InstallMate
    2012-05-01 18:10:27 -------- d-----w- C:\Users\Lucy\AppData\Local\Ilivid Player
    2012-05-01 18:10:07 -------- d-----w- C:\Program Files (x86)\iLivid
    2012-05-01 17:57:38 -------- d-----w- C:\Users\Lucy\AppData\Local\{DE6132FC-0009-4308-8259-2ACE3583A7BB}
    2012-05-01 17:57:12 -------- d-----w- C:\Users\Lucy\AppData\Local\{20472BB1-11F0-45D5-A3E8-B6AEE4CB7066}
    2012-04-30 20:56:35 -------- d-----w- C:\Users\Lucy\AppData\Local\{E44B0A46-7196-4062-BB82-A043E8A3DA77}
    2012-04-30 20:56:07 -------- d-----w- C:\Users\Lucy\AppData\Local\{919C5D86-27FD-47F2-8D81-8897D0445C14}
    2012-04-29 08:57:45 -------- d-----w- C:\Users\Lucy\AppData\Local\{B7F7E1B7-4759-482E-8B6E-73904534ACEF}
    2012-04-29 08:57:32 -------- d-----w- C:\Users\Lucy\AppData\Local\{5F9AB539-E6E1-4F91-9BDE-A62F094852A0}
    2012-04-28 12:16:06 -------- d-----w- C:\Users\Lucy\AppData\Local\{5F9734DC-268F-4E1E-811A-BD7241EB7F2B}
    2012-04-28 12:15:33 -------- d-----w- C:\Users\Lucy\AppData\Local\{39BFF8A7-A6B1-4166-BFE9-FA9AFC63FE94}
    2012-04-27 04:48:18 -------- d-----w- C:\Users\Lucy\AppData\Local\{ECCC2DD7-1C19-433A-8C07-30AEFEC431FA}
    2012-04-27 04:47:36 -------- d-----w- C:\Users\Lucy\AppData\Local\{A4520541-EB5B-4AFA-BC68-983F705829E2}
    .
    ==================== Find3M ====================
    .
    2012-05-05 07:25:10 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-05 07:25:10 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-05 07:25:04 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-04-25 10:35:32 23376 ----a-r- C:\Windows\SysWow64\SZIO5.dll
    2012-04-25 10:35:22 546640 ----a-r- C:\Windows\SysWow64\SZComp5.dll
    2012-04-25 10:35:16 481104 ----a-r- C:\Windows\SysWow64\SZBase5.dll
    2012-04-19 16:39:44 29008 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll
    2012-04-19 16:39:44 231248 ----a-r- C:\Windows\SysWow64\IS3Win325.dll
    2012-04-19 16:39:42 390992 ----a-r- C:\Windows\SysWow64\IS3UI5.dll
    2012-04-19 16:39:42 100176 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll
    2012-04-19 16:39:36 104272 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll
    2012-04-19 16:39:34 67408 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll
    2012-04-19 16:39:34 132944 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll
    2012-04-19 16:39:32 456528 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll
    2012-04-19 16:39:30 808784 ----a-r- C:\Windows\SysWow64\IS3Base5.dll
    2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
    2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
    2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll
    2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll
    2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
    2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe
    2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe
    2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll
    2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll
    2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll
    2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
    2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll
    2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll
    2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll
    2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll
    2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll
    2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll
    2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
    2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll
    2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll
    2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
    2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
    2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
    2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
    2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll
    2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll
    2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll
    2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll
    2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll
    2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
    2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
    2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
    2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
    2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll
    2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
    2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
    2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll
    2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
    2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll
    2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
    2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
    2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll
    2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
    2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
    2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
    2012-03-08 17:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
    2012-03-08 17:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
    2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr
    2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
    2012-03-06 23:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
    2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2012-03-02 22:41:49 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
    2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
    2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
    2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
    2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
    2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 12:48:31.89 ===============

    I think I have also attached the attach file but I'm blonde (sorry)
    Thanks for your time
     
  2. esmereldafishwif

    esmereldafishwif Thread Starter

    Joined:
    May 26, 2012
    Messages:
    6
    Sorry, I forgot to say I thought I had uninstalled the funmoods but obviously I haven't, but it does not appear now in the control panel.
     
  3. esmereldafishwif

    esmereldafishwif Thread Starter

    Joined:
    May 26, 2012
    Messages:
    6
    Oh, and also I have run malware anti malware programme and also scanned with Avast and nothing changes the situation. Also tried running Evony in another browser, Chrome, with the same result.
     
  7. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    10,148
    Run the following and post the logs:

    Download OTL from any of the following links and save to your desktop.

    Link 1
    Link 2
    Link 3

    Double click the icon to start the tool. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).

    • Please check the box next to "LOP check" and "Purity check"
    • Click Run Scan and let the program run uninterrupted.
    • When the scan is complete, two text files will be created on your Desktop.
    • OTL.Txt <- this one will be opened
    • Extras.txt <- this one will be minimized

    Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.

    Kevin..
     

Short URL to this thread: https://techguy.org/1054676