1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Need help with possible virus

Discussion in 'Virus & Other Malware Removal' started by ptstrawther, Jun 24, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
    The computer is playing various advertising commercials while browsing on the web. I think I am being redirected to other websites as well.

    I have disconnected the infected PC from my network and I have completed the following logs. I have also have run malware bytes in safe-mode but the results came back with no infected files.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:47:43 PM, on 6/24/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16446)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    O4 - HKCU\..\Run: [EPSON Stylus CX9400Fax Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFA.EXE /FU "C:\Windows\TEMP\E_S2E8E.tmp" /EF "HKCU"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11404 bytes



    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by LTatum at 19:49:19 on 2012-06-24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2704 [GMT -5:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\REGSVR32.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    uRun: [EPSON Stylus CX9400Fax Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFA.EXE /FU "C:\Windows\TEMP\E_S2E8E.tmp" /EF "HKCU"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    mRun: [<NO NAME>]
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    StartupFolder: C:\Users\LTatum\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Trusted Zone: intuit.com\ttlc
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{6D799951-6725-458A-A13A-71550E12849B} : DhcpNameServer = 192.168.1.1
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120623122548.dll
    BHO-X64: scriptproxy - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-X64: Ask Toolbar BHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
    mRun-x64: [(Default)]
    mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
    R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2010-1-11 155648]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-1-5 13336]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-12-22 249936]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-12-22 199272]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-12-22 210584]
    R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
    R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 257224]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
    S4 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-4 1116656]
    S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-4 219632]
    S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-5 1692480]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-06-24 23:05:14 388096 ----a-r- C:\Users\LTatum\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-06-24 23:05:13 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2012-06-24 19:28:08 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-06-22 20:01:09 -------- d-----w- C:\Program Files (x86)\Nmap
    2012-06-22 20:01:08 -------- d-----w- C:\ProgramData\XDMessaging
    2012-06-22 20:00:59 -------- d-----w- C:\Program Files (x86)\iYogi
    2012-06-22 19:56:33 -------- d-----w- C:\Program Files (x86)\PC Optimizer Renewal
    2012-06-22 12:27:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{375150A6-E68B-4095-8B8E-C76034D7CA2D}
    2012-06-22 12:27:04 -------- d-----w- C:\Users\LTatum\AppData\Local\{46BE565E-40D6-4DC0-8A75-A4DD4D7F2928}
    2012-06-22 06:15:45 2622464 ----a-w- C:\Windows\System32\wucltux.dll
    2012-06-22 06:15:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
    2012-06-22 06:15:26 36864 ----a-w- C:\Windows\System32\wuapp.exe
    2012-06-22 06:15:26 186752 ----a-w- C:\Windows\System32\wuwebv.dll
    2012-06-22 00:37:30 -------- d-----w- C:\Windows\pss
    2012-06-21 23:37:53 -------- dc-h--w- C:\ProgramData\{CBCE2F73-24E4-481F-84B2-1A5EB720D187}
    2012-06-21 23:37:05 -------- d-----w- C:\Users\LTatum\AppData\Local\PackageAware
    2012-06-21 22:07:57 -------- d-----w- C:\APCT
    2012-06-21 22:07:44 -------- d-----w- C:\Users\LTatum\AppData\Roaming\iYogi
    2012-06-21 22:03:31 77312 ----a-w- C:\Windows\SysWow64\ztvunace26.dll
    2012-06-21 22:03:31 75264 ----a-w- C:\Windows\SysWow64\unacev2.dll
    2012-06-21 22:03:31 69632 ----a-w- C:\Windows\SysWow64\ztvcabinet.dll
    2012-06-21 22:03:31 162304 ----a-w- C:\Windows\SysWow64\ztvunrar36.dll
    2012-06-21 22:03:31 153088 ----a-w- C:\Windows\SysWow64\UNRAR3.dll
    2012-06-21 22:03:30 -------- d-----w- C:\ProgramData\Simply Super Software
    2012-06-21 22:03:30 -------- d-----w- C:\Program Files (x86)\Trojan Remover
    2012-06-21 22:01:51 279317322 ----a-w- C:\backup.reg
    2012-06-21 20:52:38 -------- d-----w- C:\Users\LTatum\AppData\Roaming\QuickScan
    2012-06-21 20:51:58 -------- d-----w- C:\ProgramData\SmartPCScan
    2012-06-21 20:48:05 -------- d-----w- C:\Users\LTatum\AppData\Roaming\Malwarebytes
    2012-06-21 20:47:54 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-06-21 20:42:41 -------- d-----w- C:\Program Files (x86)\iYogi Support Dock
    2012-06-21 15:49:55 -------- d-----w- C:\Users\LTatum\AppData\Local\{C0F7B890-3548-4A26-9CE2-5367DF41320C}
    2012-06-21 15:49:45 -------- d-----w- C:\Users\LTatum\AppData\Local\{344AE900-3109-4B43-9021-5137C7DC8026}
    2012-06-21 15:45:42 -------- d-----w- C:\Windows\en
    2012-06-21 15:43:27 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2012-06-21 15:40:29 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\DXSETUP.exe
    2012-06-21 15:40:29 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\dsetup32.dll
    2012-06-21 15:40:29 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2fb53ff81cd4fc407\MeshBetaRemover.exe
    2012-06-21 15:40:28 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f3254491cd4fc406\DSETUP.dll
    2012-06-21 15:40:23 -------- d-----w- C:\Users\LTatum\AppData\Local\{7613BE45-5167-4D6D-8465-3D2DC8C87F0B}
    2012-06-21 15:39:47 -------- d-----w- C:\Users\LTatum\AppData\Local\{69DB9448-5722-4430-98CF-3824E84FD0BC}
    2012-06-21 15:39:36 -------- d-----w- C:\Users\LTatum\AppData\Local\{256CF503-EA63-4490-96FC-4C34FEC2F828}
    2012-06-19 20:59:30 -------- d-----w- C:\Users\LTatum\AppData\Local\{CDF3701A-B43D-4491-9607-8913FF34BF57}
    2012-06-19 20:59:14 -------- d-----w- C:\Users\LTatum\AppData\Local\{A7898F41-25D1-4F03-80DE-5AAD645A5474}
    2012-06-18 12:03:12 -------- d-----w- C:\Users\LTatum\AppData\Local\{5D089F18-C2DD-4149-B937-60063D653EE6}
    2012-06-17 19:06:31 -------- d-----w- C:\Users\LTatum\AppData\Local\{32FF978D-99D9-4167-87C8-0641E375CA9D}
    2012-06-16 12:35:42 -------- d-----w- C:\Users\LTatum\AppData\Local\{6577763D-8202-491A-9A0B-EA711027379E}
    2012-06-16 00:31:53 -------- d-----w- C:\Users\LTatum\AppData\Local\{2F2A4189-ED9C-4474-AB82-3DE3689EDFA5}
    2012-06-13 14:36:06 -------- d-----w- C:\Users\LTatum\AppData\Local\{DF1D5D66-3369-4446-8DC7-8BC8D024B3E9}
    2012-06-13 14:35:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{917F9E9F-994D-48C1-AFE4-D9B8E703C5CF}
    2012-06-13 14:17:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{CEC0AAE8-3CAC-4C6C-A9DB-9AFFE4B4F405}
    2012-06-13 14:17:05 -------- d-----w- C:\Users\LTatum\AppData\Local\{56841181-5AA1-4C0E-9692-5C0BDEC4F0AA}
    2012-06-13 13:48:10 -------- d-----w- C:\Users\LTatum\AppData\Local\{F9AE8D07-A034-4D89-AC2B-033A61BF92E6}
    2012-06-13 13:47:59 -------- d-----w- C:\Users\LTatum\AppData\Local\{CF1B6FD9-C9C2-4486-AE8C-6DA4013E4C51}
    2012-06-13 05:47:02 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-06-13 05:47:02 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-06-13 05:47:01 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-06-13 05:46:06 209920 ----a-w- C:\Windows\System32\profsvc.dll
    2012-06-13 05:45:41 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-06-13 05:45:39 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-06-13 05:45:39 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-06-13 05:45:10 3146752 ----a-w- C:\Windows\System32\win32k.sys
    2012-06-13 05:44:42 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-06-13 05:44:15 3216384 ----a-w- C:\Windows\System32\msi.dll
    2012-06-13 05:44:14 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
    2012-06-13 05:44:08 1462272 ----a-w- C:\Windows\System32\crypt32.dll
    2012-06-13 05:44:07 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2012-06-13 05:44:07 140288 ----a-w- C:\Windows\System32\cryptnet.dll
    2012-06-13 05:44:07 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2012-06-13 05:44:06 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2012-06-13 05:44:05 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2012-06-13 00:51:51 -------- d-----w- C:\Users\LTatum\AppData\Local\{6E1B2684-9ECA-4F49-86B1-F3378BCC0FC9}
    2012-06-13 00:51:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{4B3ACDA6-D2C6-49B0-BE72-BFCAE96073C9}
    2012-06-12 15:17:24 -------- d-----w- C:\Users\LTatum\AppData\Local\{5309EA47-A33F-48CE-BFCB-DCF8C1034FF0}
    2012-06-12 15:17:14 -------- d-----w- C:\Users\LTatum\AppData\Local\{D5E204C7-3BFA-4643-8FD1-171F989D1B88}
    2012-06-08 16:42:19 -------- d-----w- C:\Users\LTatum\AppData\Local\{ED13C14F-ECB4-4D67-9726-EB7BFA4527B9}
    2012-06-08 16:42:09 -------- d-----w- C:\Users\LTatum\AppData\Local\{02546748-BAE7-4D78-82D3-BFCCB1204448}
    2012-06-08 14:30:36 -------- d-----w- C:\Users\LTatum\AppData\Local\{9D28A1FA-EF93-4352-BAD4-0A53A4D8C156}
    2012-06-08 14:30:25 -------- d-----w- C:\Users\LTatum\AppData\Local\{E99D1455-0C64-40B5-A28C-484569F8A1A8}
    2012-06-08 13:43:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{94C87087-3D77-4A5D-8F3F-3114E2FE429E}
    2012-06-08 13:43:45 -------- d-----w- C:\Users\LTatum\AppData\Local\{91691764-AE89-41AB-9679-5922E76A2F3F}
    2012-06-07 15:23:38 -------- d-----w- C:\Users\LTatum\AppData\Local\{6FB2DE62-FDCC-43C4-A61A-F3BA558090AA}
    2012-06-07 15:23:28 -------- d-----w- C:\Users\LTatum\AppData\Local\{3083B39A-47D1-4D83-8F7B-1E7A5B310EC9}
    2012-06-06 23:58:04 -------- d-----w- C:\Users\LTatum\AppData\Local\{898726AA-7BBC-4B04-A1BC-A20452D84CD3}
    2012-06-06 23:57:53 -------- d-----w- C:\Users\LTatum\AppData\Local\{413A3C3C-6D41-4087-A82A-2F29097DC5CC}
    2012-06-06 17:55:13 -------- d-----w- C:\Users\LTatum\AppData\Local\{EA51FBC4-92C3-4E76-8904-50D60429C77D}
    2012-06-06 17:55:03 -------- d-----w- C:\Users\LTatum\AppData\Local\{7875012D-5F8C-4F9B-9665-298834027618}
    2012-06-06 16:33:37 -------- d-----w- C:\Users\LTatum\AppData\Local\{7D821715-00FC-4DCF-ABAF-8B2CF47CD599}
    2012-06-06 16:33:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{B2C6D438-2F64-49EC-ACB3-315CDD852328}
    2012-06-05 20:56:52 -------- d-----w- C:\Users\LTatum\AppData\Local\{7018B8BF-3730-49B2-A233-B4135CECB035}
    2012-06-05 20:56:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{2F621097-2ED9-42EF-B6D8-F3A93F586DF0}
    2012-06-05 19:32:37 -------- d-----w- C:\Users\LTatum\AppData\Local\{0D893943-3D79-4E73-AB91-EB00A505B756}
    2012-06-05 19:32:27 -------- d-----w- C:\Users\LTatum\AppData\Local\{17430069-E073-4C8E-AEE8-D7F5DCCB359E}
    2012-06-05 14:50:58 -------- d-----w- C:\Users\LTatum\AppData\Local\{8775437E-D3C7-41FE-A953-9157F35ED394}
    2012-06-05 14:50:48 -------- d-----w- C:\Users\LTatum\AppData\Local\{B0A6C8F7-0BA2-40CF-8BB9-8063365AAA4B}
    2012-06-04 16:50:13 -------- d-----w- C:\Users\LTatum\AppData\Local\{A12181EE-ADF8-4337-91F8-559C2EF317A9}
    2012-06-04 16:50:03 -------- d-----w- C:\Users\LTatum\AppData\Local\{43AD9825-FAAC-48A0-B124-BDF88CFFB810}
    2012-06-03 15:59:12 -------- d-----w- C:\Users\LTatum\AppData\Local\{F01EAA39-F10E-455B-A4AD-1E4D738A935B}
    2012-06-03 15:59:02 -------- d-----w- C:\Users\LTatum\AppData\Local\{287B2615-5B31-4060-A5AA-9AFB373FD312}
    2012-06-02 19:00:59 -------- d-----w- C:\Users\LTatum\AppData\Local\{94FA9A36-2268-4D52-961E-184FFD84AA0C}
    2012-06-02 19:00:48 -------- d-----w- C:\Users\LTatum\AppData\Local\{7B9B1439-F8C7-4096-97DA-C893C7377881}
    2012-06-02 15:58:34 -------- d-----w- C:\Users\LTatum\AppData\Local\{D4717EB2-1CBE-4565-91AB-BAC6C9266B01}
    2012-06-02 15:58:24 -------- d-----w- C:\Users\LTatum\AppData\Local\{D4EA7C96-9D88-42B6-95B1-1FF2A5B4EE81}
    2012-06-02 14:50:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{E2690EBC-6E5E-4438-A278-1A42EDCA4E91}
    2012-06-02 14:50:15 -------- d-----w- C:\Users\LTatum\AppData\Local\{103B7F68-D9D8-4EE0-A6D2-1CE326655439}
    2012-06-02 14:46:26 -------- d-----w- C:\Users\LTatum\AppData\Local\{FB930BFF-54E9-4DFC-A561-C98B11607176}
    2012-05-30 16:02:00 -------- d-----w- C:\Users\LTatum\AppData\Local\{CA81264B-220C-4495-9763-046EAF0E3A45}
    2012-05-30 16:01:50 -------- d-----w- C:\Users\LTatum\AppData\Local\{B026E788-17D4-4EEB-B111-6E61602CF37F}
    2012-05-29 20:45:06 -------- d-----w- C:\Users\LTatum\AppData\Local\{E59A831A-5FAF-4B8F-993F-8E78630E449D}
    2012-05-29 20:44:56 -------- d-----w- C:\Users\LTatum\AppData\Local\{C70E95BB-B463-4760-BE37-B60B021C0832}
    2012-05-29 20:11:09 -------- d-----w- C:\Users\LTatum\AppData\Local\{93A28B5B-EE7C-4CA7-B300-A0383AB39625}
    2012-05-29 20:10:58 -------- d-----w- C:\Users\LTatum\AppData\Local\{06FE38CA-0A98-412E-8FD5-BE5CF961065F}
    2012-05-29 18:27:10 -------- d-----w- C:\Users\LTatum\AppData\Local\{81E5F753-2843-4CB3-BFD1-68BF59FBE13D}
    2012-05-29 18:27:00 -------- d-----w- C:\Users\LTatum\AppData\Local\{7812D4F9-81C0-461D-9F8A-4D131084CBB4}
    2012-05-29 13:46:41 -------- d-----w- C:\Users\LTatum\AppData\Local\{ABB11B6B-EB48-46D1-872E-A8FA88E6826D}
    2012-05-29 13:46:31 -------- d-----w- C:\Users\LTatum\AppData\Local\{594E7DBB-015F-4B92-81B8-F2E023105EE8}
    2012-05-28 13:25:00 163048 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin
    .
    ==================== Find3M ====================
    .
    2012-06-13 13:08:41 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-06-13 13:08:41 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
    2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2012-05-05 08:54:10 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-03-28 21:37:39 102248 ----a-w- C:\Users\LTatum\GoToAssistDownloadHelper.exe
    .
    ============= FINISH: 19:57:50.96 ===============


    ark.txt was blank
     

    Attached Files:

  2. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
  3. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
  4. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    Download and save and then install the free version of

    SUPERAntiSpyware 5.5.0.1006

    Make sure to update its definition files during the install process.

    Make sure to uncheck and decline to install any extras, such as toolbars and homepages, it may offer.

    After it's installed and updated, restart the computer.

    Start it, then run a quick scan.

    When the scan is finished, select and remove EVERYTHING it found.

    Restart the computer, if prompted to, so the removal process can finish.

    ----------------------------------------------------------------
     
  5. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    Go to Control Panel - Programs And Features, then uninstall

    Ask Toolbar

    Bing Bar


    -----------------------------------------------------------
     
  6. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
    Thank you
    I have completed all three tasks.. Shall I do anything else?

    The program removed numerous threats
     
  7. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    I'm going to assume that you selected and removed EVERYTHING that was found.

    Start SUPERAntiSpyware.

    Click "View Scan Logs".

    Highlight the most current scan log entry, then click "View Selected Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    --------------------------------------------------

    Are you still receiving the commercial ads?

    --------------------------------------------------
     
  8. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    Java(TM) 6 Update 30 needs to be updated to Java SE Runtime Environment 6 Update 33
    ("Windows x64" 16.41 MB file)

    The new version will replace the old version, so there's no need to uninstall the old version first.

    -----------------------------------------------

    Skype 4.2 is very outdated.

    If you're no longer using it, uninstall it.

    -----------------------------------------------
     
  9. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 06/28/2012 at 01:26 PM

    Application Version : 5.5.1006

    Core Rules Database Version : 8813
    Trace Rules Database Version: 6625

    Scan type : Quick Scan
    Total Scan Time : 00:05:59

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 334
    Memory threats detected : 0
    Registry items scanned : 27070
    Registry threats detected : 0
    File items scanned : 13450
    File threats detected : 169

    Adware.Tracking Cookie
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\F1XBUYYU.txt [ /yieldmanager.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OIVS52KS.txt [ /questionmarket.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4EIPB6C8.txt [ /ads.pointroll.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\QI0EVYX2.txt [ /ru4.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\A1SUMGZC.txt [ /www.burstnet.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\FWDWNNZK.txt [ /ad-vice.biz ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MFDDVB0N.txt [ /bs.serving-sys.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MZODDPP2.txt [ /zedo.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\XPUMW90P.txt [ /collective-media.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\A19K20JC.txt [ /fastclick.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\3NM822VD.txt [ /advertising.ezanga.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\35FO57Y0.txt [ /pointroll.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\614Q72GG.txt [ /ads.blogtalkradio.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\R3IM1ZWC.txt [ /ad.yieldmanager.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JKWM32YV.txt [ /imrworldwide.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\NCYWDYB0.txt [ /ads.pubmatic.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JJZ00T5Y.txt [ /adfarm1.adition.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\W5G361LK.txt [ /mediaplex.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\KPMN4REK.txt [ /ad.360yield.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5MJ0J8EX.txt [ /ads.doubleagent.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6ZYT74G5.txt [ /msnportal.112.2o7.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\GXA06P6T.txt [ /ox-d.fondnessmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\G7KFGWRE.txt [ /adxpose.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5KLELXHW.txt [ /dc.tremormedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HIMOIJWC.txt [ /ads.adk2.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\89ZQCQZ0.txt [ /amazon-adsystem.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\EO54926E.txt [ /ads.footar.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V9HQT75A.txt [ /solvemedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6S4DY61B.txt [ /media6degrees.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\D4SVBJOW.txt [ /adnetwork.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\WSIZG7WS.txt [ /in.getclicky.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\H6IY1C6C.txt [ /legolas-media.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5BMKTPSZ.txt [ /adserver.adtechus.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TEFTJ7R9.txt [ /drivingaroundthetrack.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6NYC4B6B.txt [ /adbrite.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\45RI41T8.txt [ /lucidmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JYTGXVYA.txt [ /ad2.adfarm1.adition.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JKVUVOTE.txt [ /interclick.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\51LKABKG.txt [ /ads.saymedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HKLG05C6.txt [ /advertising.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OEWM1I3J.txt [ /media.adfrontiers.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V62ZVDHV.txt [ /find-great.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UR5U1W2F.txt [ /doubleclick.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\OCNMZHN6.txt [ /geconsumerfinance.112.2o7.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\AG62DPMI.txt [ /revsci.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HVD7XA7K.txt [ /pro-market.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\FC1ZPIG1.txt [ /accountonline.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\NHTZU6R8.txt [ /intermundomedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3ZXINCW.txt [ /mediaservices-d.openxenterprise.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\DWP04XIX.txt [ /liveperson.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\7FTWOPMF.txt [ /casalemedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3GRRRQF.txt [ /www.hrsaccount.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JIJ0IMKO.txt [ /ads.gamersmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TMM8DYDC.txt [ /alliancedata.122.2o7.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JIVS46Y3.txt [ /1sadx.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TWJ47UO6.txt [ /247realmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\8P3DG6I8.txt [ /realmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BCIXBL06.txt [ /ads.ookla.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BS1T0THL.txt [ /server.iad.liveperson.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\Z61A853A.txt [ /xml.trafficengine.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I344Z7FD.txt [ /stat.onestat.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HOGU1G99.txt [ /mm.chitika.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\Y7S82KMI.txt [ /myroitracking.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\V67RZUJ5.txt [ /atdmt.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\3GMCV19K.txt [ /at.atwola.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\BEMLAIDP.txt [ /liveperson.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\T15IVIRX.txt [ /ads.undertone.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\8ADL2U7M.txt [ /serving-sys.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\17ATWVF6.txt [ /ad.wsod.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\MSBHZJ0M.txt [ /trafficmp.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TJCRLOJ7.txt [ /journalregistercompany.122.2o7.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\62FVPX1W.txt [ /tribalfusion.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\ZBSHYWPK.txt [ /counter.hitslink.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\5X6LM67L.txt [ /apmebf.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\VR046W81.txt [ /openx.overadmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\P10ABNAZ.txt [ /specificclick.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\TDY9CZ6A.txt [ /network.realmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\P6QJEAP3.txt [ /citi.bridgetrack.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UZWNM8JN.txt [ /burstnet.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\D7E80J08.txt [ /ads.intergi.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\I3GA3PEB.txt [ /invitemedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4N7YG466.txt [ /insightexpressai.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\JWGTCHRP.txt [ /clicksor.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\4TQQYAPP.txt [ /enhance.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\YAJ8V6J5.txt [ /gamersmedia.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\SQ2M1QAJ.txt [ /adtech.de ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\CVLF48GL.txt [ /ad.allvoices.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\04GVXPB8.txt [ /www.burstbeacon.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\RNK66DZU.txt [ /seeclickfix.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\AO6EB6KI.txt [ /ads.us.e-planning.net ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\ZVDG5TB3.txt [ /eyeviewads.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\HFY7ZM0Z.txt [ /burstbeacon.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\M115B8CC.txt [ /stats.townnews.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\UQRD28O2.txt [ /statcounter.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\L1T7KAEB.txt [ /click4college.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\0B8WIO5H.txt [ /t.pointroll.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\6C4VDYI4.txt [ /xiti.com ]
    C:\Users\LTatum\AppData\Roaming\Microsoft\Windows\Cookies\RUK8Q991.txt [ /kontera.com ]
    C:\USERS\LTATUM\AppData\Roaming\Microsoft\Windows\Cookies\RU2Z0T5H.txt [ Cookie:[email protected]/adserving ]
    C:\USERS\LTATUM\Cookies\F1XBUYYU.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\OIVS52KS.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\4EIPB6C8.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\MFDDVB0N.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\MZODDPP2.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\XPUMW90P.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\3NM822VD.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\35FO57Y0.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\R3IM1ZWC.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\JKWM32YV.txt [ Cookie:[email protected]/cgi-bin ]
    C:\USERS\LTATUM\Cookies\RU2Z0T5H.txt [ Cookie:[email protected]/adserving ]
    C:\USERS\LTATUM\Cookies\W5G361LK.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\6ZYT74G5.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\GXA06P6T.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\G7KFGWRE.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\5KLELXHW.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\V9HQT75A.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\6S4DY61B.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\D4SVBJOW.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\WSIZG7WS.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\5BMKTPSZ.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\6NYC4B6B.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\JYTGXVYA.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\JKVUVOTE.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\51LKABKG.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\HKLG05C6.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\OEWM1I3J.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\OCNMZHN6.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\AG62DPMI.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\FC1ZPIG1.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\NHTZU6R8.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\I3ZXINCW.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\7FTWOPMF.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\I3GRRRQF.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\JIJ0IMKO.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\TMM8DYDC.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\JIVS46Y3.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\TWJ47UO6.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\8P3DG6I8.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\BS1T0THL.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\Z61A853A.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\I344Z7FD.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\HOGU1G99.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\Y7S82KMI.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\V67RZUJ5.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\3GMCV19K.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\MSBHZJ0M.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\TJCRLOJ7.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\5X6LM67L.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\VR046W81.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\P10ABNAZ.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\TDY9CZ6A.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\P6QJEAP3.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\UZWNM8JN.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\JWGTCHRP.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\YAJ8V6J5.txt [ Cookie:[email protected]/servlet/ajrotator/track/pt1220551 ]
    C:\USERS\LTATUM\Cookies\SQ2M1QAJ.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\04GVXPB8.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\ZVDG5TB3.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\M115B8CC.txt [ Cookie:[email protected]/nhregister.com/ ]
    C:\USERS\LTATUM\Cookies\UQRD28O2.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\L1T7KAEB.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\6C4VDYI4.txt [ Cookie:[email protected]/ ]
    C:\USERS\LTATUM\Cookies\RUK8Q991.txt [ Cookie:[email protected]/ ]

    Trace.Known Threat Sources
    C:\USERS\LTATUM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WC3RKGVG\crossdomain[1].xml [ cache:wista ]
    C:\USERS\LTATUM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WC3RKGVG\59b8caa9266b8_2174314[1].flv [ cache:wista ]
    C:\USERS\LTATUM\Local Settings\Temporary Internet Files\Content.IE5\WC3RKGVG\crossdomain[1].xml [ cache:wista ]
    C:\USERS\LTATUM\Local Settings\Temporary Internet Files\Content.IE5\WC3RKGVG\59b8caa9266b8_2174314[1].flv [ cache:wista ]

    PUP.SoftDownloader
    C:\USERS\LTATUM\DESKTOP\HIJACKTHIS SETUP.EXE
    C:\Windows\Prefetch\HIJACKTHIS SETUP.EXE-C1613C16.pf
     
  10. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    You didn't answer my question in post #7.

    Don't forget about post #8.

    ------------------------------------------------------
     
  11. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
    Sorry

    I don't hear the ads any longer but the machine isn't connected to the internet right now. I will connect and then listen.

    I updated the Java platform and removed the skpe app
     
  12. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    Click Start - Run, then type in

    %temp% (% is the percent symbol in the number 5 key)

    and then click OK.

    Once that temp folder appears and you can view its contents, select and delete EVERYTHING that's inside it.

    If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

    If a massive number of files are being deleted, the computer may appear to "hang". Be patient and wait for the deletion process to finish.

    After it's done, restart the computer.

    -----------------------------------------------------
     
  13. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
    ok that has been completed.
     
  14. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,609
    (y)

    A large buildup of temp files can cause various problems, and that temp folder is a good place for "nasties" to hide.

    That's why I consider it part of regular computer maintenance.

    ------------------------------------------------------
     
  15. ptstrawther

    ptstrawther Thread Starter

    Joined:
    Jun 24, 2012
    Messages:
    22
    excellent. So that should be it?
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1058425