
shutting down randomly urgent!

Discussion in 'Virus & Other Malware Removal' started by serath40, Jan 19, 2011.

Thread Status:
Not open for further replies.
  1. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    Hello all, I am new here, but this is urgent as this is a business computer. About 3 days ago I got a Windows update that was random and mandatory, I guess, but ever since my PC has been shutting down randomly on its own every 1-3 hours. I have cleaned the registry and repaired the registry. I have checked the PC temperature. I have scanned for viruses 4 times! Did a system restore. Then I looked on Google for hours upon hours. I got suspicious of it possibly being because of it being a Windows 7 RC version, but no, it is the newest legit version. I've defragged. I mean, I've done almost everything I can think of; I'm losing it. I called Dell support; my warranty was up, but he said it was most likely something to do with the Windows update, but I'm not sure. I'm not a rich person, so I cannot really afford a technician as of now. Please help. I know it's a Windows 7 Home Premium Dell Inspiron 1764 laptop, i3 processor, 4 GB of RAM. Idk any others; I'm not super PC smart.

    P.S. There is no error code or BSOD; it just says logging off, shutting off, then that's it.
     
  2. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    I also wanted to add it cannot be overheating; my PC temps are all around 35-40 Celsius. I have ESET Smart Security 4, so it can't be a virus; I've scanned 5 times now, just did another. This PC is only 7 months old. :(
     
  3. RaytheBear

    RaytheBear

    Joined:
    Sep 13, 2010
    Messages:
    628
    Hi,
    First off, never clean your registry unless advised to do so by an expert; this can cause yet more harm than you had to start with.
    Have you tried doing a System Restore prior to installing the update to see if that helps?

    Ray
     
  4. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    Yes, I did do a system restore, but no change at all :(
     
  5. fodelement

    fodelement

    Joined:
    Feb 14, 2009
    Messages:
    128
    Why do you have an RC copy of Windows 7 on a new computer, which should have come with Windows pre-installed? Also, if the computer is 7 months old, your Dell warranty is not up, as they offer a limited 1 year warranty on their products. Given, Dell does not cover software, as it is not made by Dell, but it is made by Microsoft.

    Does the computer turn itself off in safe mode as well? Having one antivirus on your computer does not mean it's virus free. Posting a HJT log or even running Malwarebytes may be a good idea. Unfortunately, HJT logs, as well as help in removing malware, have to be done by certified members.
     
  6. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    Please run the MGA Diagnostic Tool and post back the report it creates:
    • Download MGADiag to your desktop.
    • Double-click on MGADiag.exe to launch the program
    • Click "Continue"
    • Ensure that the "Windows" tab is selected (it should be by default).
    • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
    • Paste the MGA Diagnostic Report back here in your next reply.
     
  7. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    fodelement, it is not an RC version, sorry if I was unclear, but it is the build 7600, not RC. And dvk, I will do that now. And fodelement, how would I do Malwarebytes or HJT logs?
     
  8. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->
    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-QCPVQ-KHRB8-RMV82
    Windows Product Key Hash: +Rj3N34NLM2JqoBO/OzgzTZXgbY=
    Windows Product ID: 00359-OEM-8992687-00095
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7600.2.00010300.0.0.003
    ID: {5D276CB3-F2BB-4560-BF6A-0C7D9B3E12F1}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7600.win7_gdr.100618-1621
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A
    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002
    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002
    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed
    File Scan Data-->
    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{5D276CB3-F2BB-4560-BF6A-0C7D9B3E12F1}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7600.2.00010300.0.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RMV82</PKey><PID>00359-OEM-8992687-00095</PID><PIDType>2</PIDType><SID>S-1-5-21-3353836649-3912363437-4109639246</SID><SYSTEM><Manufacturer>Dell Inc.</Manufacturer><Model>Inspiron 1764</Model></SYSTEM><BIOS><Manufacturer>Dell Inc.</Manufacturer><Version>A01</Version><SMBIOSVersion major="2" minor="6"/><Date>20091106000000.000000+000</Date></BIOS><HWID>C3BB3607018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>DELL </OEMID><OEMTableID>QA09 </OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
    Spsys.log Content: 0x80070002
    Licensing Data-->
    Software licensing service version: 6.1.7600.16385
    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800095-02-1033-7600.0000-0432010
    Installation ID: 016563014076755836839655519221844743683934686562982236
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: RMV82
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 1/21/2011 6:47:26 AM
    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 12:31:2010 21:39
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:

    HWID Data-->
    HWID Hash Current: NgAAAAIAAgABAAEAAgABAAAAAwABAAEA6GFIyD7l/cAyjppRKD+QgY3vazZ0XQgzws8CnFxd
    OEM Activation 1.0 Data-->
    N/A
    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
    ACPI Table Name OEMID Value OEMTableID Value
    APIC PTLTD APIC
    FACP INTEL CRESTLNE
    HPET INTEL CRESTLNE
    BOOT PTLTD $SBFTBL$
    MCFG INTEL CRESTLNE
    SLIC DELL QA09
    OSFR DELL DELL
    SSDT PmRef CpuPm

    This is the MGADiag you requested, dvk01.
     
  9. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
  10. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    Is it safe, by the way, to post this up for the web to see? Just wondering. I believe it's OK for members to see, just not strangers from all over the web?
     
  11. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 3/8/2010 7:50:32 PM
    System Uptime: 1/19/2011 5:09:28 AM (50 hours ago)
    Motherboard: Dell Inc. | | 0TKV96
    Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz | U2E1 | 917/133mhz
    ==== Disk Partitions =========================
    C: is FIXED (NTFS) - 59 GiB total, 12.931 GiB free.
    D: is FIXED (NTFS) - 397 GiB total, 365.75 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    G: is CDROM ()
    ==== Disabled Device Manager Items =============
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft Virtual WiFi Miniport Adapter
    Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&19573A40&0&01
    Manufacturer: Microsoft
    Name: Microsoft Virtual WiFi Miniport Adapter
    PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&19573A40&0&01
    Service: vwifimp
    ==== System Restore Points ===================
    RP194: 1/19/2011 6:30:01 AM - Scheduled Checkpoint
    ==== Installed Programs ======================
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.3
    Apple Application Support
    Apple Software Update
    Banctec Service Agreement
    BufferChm
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Complete Care Business Service Agreement
    Complete Care Consumer Service Agreement
    Consumer In-Home Service Agreement
    Copy
    Coupon Printer for Windows
    D3DX10
    Dell DataSafe Online
    Dell Getting Started Guide
    Dell Home Systems Service Agreement
    Dell Support Center (Support Software)
    Destinations
    DeviceDiscovery
    Diph
    Disk Cleaner (remove only)
    DJ_AIO_05_F4400_Software_Min
    EA Download Manager
    F4400
    Focus Magic 3.02
    Free Window Registry Repair
    Game Booster
    Google Earth
    Google Update Helper
    GoToAssist 8.0.0.514
    GPBaseService2
    HP Photo Creations
    HP Update
    HP USB Disk Storage Format Tool
    HPPhotoGadget
    HPProductAssistant
    HPSSupply
    Intel(R) Graphics Media Accelerator Driver
    Internet TV for Windows Media Center
    iPrep 101 v0.0.6.2 Beta
    Java Auto Updater
    Java(TM) 6 Update 23
    JDownloader
    Junk Mail filter update
    Malwarebytes' Anti-Malware
    MarketResearch
    MCEBrowser
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works
    Mozilla Firefox (3.6.10)
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Pando Media Booster
    PowerDVD DX
    QualXServ Service Agreement
    QuickTime
    Realtek High Definition Audio Driver
    Scan
    Search Toolbar
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    SmartWebPrinting
    Softonic_English Toolbar
    SolutionCenter
    SpeedFan (remove only)
    Status
    Steam
    System Requirements Lab
    System Requirements Lab CYRI
    The Sims™ 2 Double Deluxe
    Toolbox
    TrayApp
    Virtual DJ Home - Atomix Productions
    WavePad Sound Editor
    WebReg
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    World of Warcraft
    ==== Event Viewer Messages From Past Week ========
    1/20/2011 7:04:54 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    1/19/2011 2:44:12 AM, Error: Service Control Manager [7031] - The ESET Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    1/18/2011 9:11:11 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
    1/18/2011 9:09:43 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
    1/18/2011 9:08:04 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    1/17/2011 6:13:44 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: [email protected]
    1/17/2011 2:20:57 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    1/17/2011 2:20:57 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/17/2011 12:37:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi 2.0 Tunneling Engine service to connect.
    1/17/2011 12:37:52 PM, Error: Service Control Manager [7000] - The LogMeIn Hamachi 2.0 Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/17/2011 12:37:37 PM, Error: Service Control Manager [7030] - The LogMeIn Hamachi 2.0 Tunneling Engine service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    1/17/2011 12:37:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
    1/17/2011 12:37:37 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/16/2011 10:10:45 AM, Error: volsnap [67] - The shadow copy of volume C: being created failed to install.
    ==== End Of File ===========================


    This is the attach.
     
  12. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Nova at 7:08:33.42 on Fri 01/21/2011
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2161 [GMT -5:00]
    AV: ESET Smart Security 4.2 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    SP: ESET Smart Security 4.2 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
    ============== Running Processes ===============
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    C:\Program Files (x86)\Windows Sidebar\sidebar.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\splwow64.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Users\Nova\Desktop\ShutdownGuard.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
    C:\Windows\system32\LogonUI.exe
    C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Softonic_English\Softonic_EnglishToolbarHelper.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Nova\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5FUI08BM\dds[1].scr
    C:\Windows\system32\conhost.exe
    ============== Pseudo HJT Report ===============
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1142338
    uURLSearchHooks: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
    mURLSearchHooks: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
    BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Softonic English Toolbar: {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files (x86)\Softonic_English\tbSoft.dll
    TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRun: [WinUpdate] C:\Windows\system32\winupd.exe
    uRun: [Adobe Drivers] C:\Users\Nova\AppData\Roaming\Microsoft\Windows Firewall\winnit.exe
    mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [fsn] C:\Program Files (x86)\Phoenix Technologies Ltd\FailSafe\FailSafeNotifier.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [WinUpdate] C:\Windows\system32\winupd.exe
    mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    StartupFolder: C:\Users\Nova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\winupd.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
    DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
    Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: {930F1200-F5F1-4870-BAC6-E233EC8E7023} - No File
    TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
    mRun-x64: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
    mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
    mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
    mRun-x64: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    ============= SERVICES / DRIVERS ===============
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-9 92160]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
    R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2010-3-24 163888]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-3-24 810120]
    R2 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2010-3-24 50600]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-12 151040]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-9-25 233984]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-3-4 346144]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-3 136176]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-7-16 220672]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2009-8-28 49152]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-1 1255736]
    =============== Created Last 30 ================
    2011-01-21 11:59:55 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-01-21 11:59:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-01-21 11:49:26 -------- d-----w- C:\MGADiagToolOutput
    2011-01-19 01:32:08 -------- d-----w- C:\Program Files (x86)\SpeedFan
    2011-01-18 09:04:59 -------- d-----w- C:\Windows\SysWow64\Profiles
    2011-01-18 04:22:20 -------- d-----w- C:\Program Files (x86)\Free Window Registry Repair
    2011-01-17 22:54:42 -------- d-----w- C:\Users\Nova\AppData\Local\Promosoft Corporation
    2011-01-17 22:54:31 -------- d-----w- C:\Program Files (x86)\Promosoft Corporation
    2011-01-17 22:51:10 -------- d-----w- C:\Users\Nova\AppData\Roaming\SmartPCTools
    2011-01-17 20:07:36 -------- d-----w- C:\Program Files (x86)\CCleaner
    2011-01-17 19:42:33 -------- d-----w- C:\Windows\en
    2011-01-17 19:38:40 469256 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2339de2b1cbb67e05\InstallManager_WLE_WLE.exe
    2011-01-17 19:38:36 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DXSETUP.exe
    2011-01-17 19:38:35 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DSETUP.dll
    2011-01-17 19:38:35 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\dsetup32.dll
    2011-01-17 19:38:34 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DSETUP.dll
    2011-01-17 19:38:34 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DXSETUP.exe
    2011-01-17 19:38:34 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\dsetup32.dll
    2011-01-17 19:38:24 -------- d-----w- C:\Users\Nova\AppData\Local\Windows Live
    2011-01-17 19:37:50 206848 ----a-w- C:\Windows\System32\mfps.dll
    2011-01-17 19:37:49 4068864 ----a-w- C:\Windows\System32\mf.dll
    2011-01-17 19:37:49 257024 ----a-w- C:\Windows\System32\mfreadwrite.dll
    2011-01-17 19:37:49 196608 ----a-w- C:\Windows\SysWow64\mfreadwrite.dll
    2011-01-17 19:37:49 1888256 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2011-01-17 19:37:49 1619456 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2011-01-17 19:37:48 3181568 ----a-w- C:\Windows\SysWow64\mf.dll
    2011-01-17 17:37:25 33856 ---ha-w- C:\Windows\System32\hamachi.sys
    2011-01-16 01:25:39 -------- d-----w- C:\Users\Nova\AppData\Local\jagexlauncher
    2011-01-15 22:05:42 720896 ----a-w- C:\Windows\System32\odbc32.dll
    2011-01-15 22:05:41 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
    2011-01-15 22:05:41 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
    2011-01-15 22:05:41 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
    2011-01-15 22:05:41 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
    2011-01-15 22:05:41 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
    2011-01-15 22:05:41 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
    2011-01-15 22:05:41 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
    2011-01-15 22:05:41 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
    2011-01-15 22:05:40 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
    2011-01-06 12:06:42 -------- d-----w- C:\Program Files (x86)\Search Toolbar
    2011-01-06 12:05:50 -------- d-----w- C:\Program Files (x86)\NCH Swift Sound
    2011-01-03 22:40:46 -------- d-----w- C:\Users\Nova\AppData\Local\Google
    2011-01-01 01:23:09 -------- d-----w- C:\PROGRA~3\Electronic Arts
    2010-12-29 22:39:23 -------- d-----w- C:\Program Files (x86)\EA GAMES
    2010-12-23 15:22:18 -------- d-----w- C:\Users\Nova\AppData\Local\ElevatedDiagnostics
    ==================== Find3M ====================
    2010-12-20 23:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2010-11-12 23:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2010-11-06 18:35:40 2484072 ----a-w- C:\Windows\SysWow64\abgx360.exe
    2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
    2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
    2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
    2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
    2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
    2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
    2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
    2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
    2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
    2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-04-23 04:00:46 6 ----a-w- C:\Program Files (x86)\Common Files\UnInstallCompleted.tmp
    2010-03-09 03:50:17 150528 ----a-w- C:\Program Files (x86)\Common Files\osdinst.dll
    2010-03-09 01:02:04 4674112 ----a-w- C:\Program Files (x86)\Common Files\xsignal.exe
    ============= FINISH: 7:08:57.74 ===============


    the DDS
     
  13. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    You do have what appears to be a SDbot trojan/virus

    Delete any existing version of ComboFix you have sitting on your desktop
    Please read and follow all these instructions very carefully
    Do not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

    Download ComboFix from Here or Here to your Desktop.
    As you download it rename it to username123.exe


    **Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
    --------------------------------------------------------------------
    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results" or stop ComboFix running at all.
    • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running ComboFix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re-enable the protection again after ComboFix has finished.
    --------------------------------------------------------------------
    2. Close any open browsers and any other programs you might have running
    Double click on combofix.exe & follow the prompts.
    If you are using Windows XP, it might display a pop-up saying that "Recovery console is not installed, do you want to install?"
    Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
    When finished, it will produce a report for you.
    Please post the "C:\ComboFix.txt" for further review


    ****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

    Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

    Please tell us if it has cured the problems or if there are any outstanding issues
     
  14. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    I can't tell if it worked... but here is the log I got from it.

    ComboFix 11-01-20.03 - Nova 01/21/2011 7:52.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2524 [GMT -5:00]
    Running from: c:\users\Nova\Desktop\username123.exe.exe
    AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
    FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
    SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    c:\program files (x86)\Search Toolbar
    c:\program files (x86)\Search Toolbar\icon.ico
    c:\program files (x86)\Search Toolbar\SearchToolbar.dll
    c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
    c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
    c:\users\Nova\AppData\Local\Temp\FB8D.tmp
    c:\users\Nova\AppData\Roaming\inst.exe
    c:\users\Nova\AppData\Roaming\Microsoft\system.exe
    c:\users\Nova\AppData\Roaming\Microsoft\Windows Firewall
    c:\users\Nova\AppData\Roaming\Microsoft\Windows\Templates\1.jpeg
    .
    ((((((((((((((((((((((((( Files Created from 2010-12-21 to 2011-01-21 )))))))))))))))))))))))))))))))
    .
    2011-01-21 12:56 . 2011-01-21 12:56 -------- d-----w- c:\users\Mcx1-NOVA-PC\AppData\Local\temp
    2011-01-21 12:56 . 2011-01-21 12:56 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-01-21 11:59 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-01-21 11:59 . 2011-01-21 11:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-01-21 11:49 . 2011-01-21 11:49 -------- d-----w- C:\MGADiagToolOutput
    2011-01-21 11:47 . 2011-01-21 11:47 -------- d-----w- c:\progra~3\Office Genuine Advantage
    2011-01-19 01:32 . 2011-01-19 01:32 -------- d-----w- c:\program files (x86)\SpeedFan
    2011-01-18 09:04 . 2011-01-18 09:04 -------- d-----w- c:\windows\SysWow64\Profiles
    2011-01-18 04:22 . 2011-01-18 04:31 -------- d-----w- c:\program files (x86)\Free Window Registry Repair
    2011-01-17 22:54 . 2011-01-17 23:13 -------- d-----w- c:\users\Nova\AppData\Local\Promosoft Corporation
    2011-01-17 22:54 . 2011-01-17 23:13 -------- d-----w- c:\program files (x86)\Promosoft Corporation
    2011-01-17 22:51 . 2011-01-17 22:51 -------- d-----w- c:\users\Nova\AppData\Roaming\SmartPCTools
    2011-01-17 20:07 . 2011-01-17 20:07 -------- d-----w- c:\program files (x86)\CCleaner
    2011-01-17 19:42 . 2011-01-17 19:42 -------- d-----w- c:\windows\en
    2011-01-17 19:40 . 2011-01-17 19:40 -------- d-----w- c:\program files\Windows Live
    2011-01-17 19:38 . 2011-01-17 19:38 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2339de2b1cbb67e05\InstallManager_WLE_WLE.exe
    2011-01-17 19:38 . 2011-01-17 19:38 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DXSETUP.exe
    2011-01-17 19:38 . 2011-01-17 19:38 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\DSETUP.dll
    2011-01-17 19:38 . 2011-01-17 19:38 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\2169b1d61cbb67e04\dsetup32.dll
    2011-01-17 19:38 . 2011-01-17 19:38 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DSETUP.dll
    2011-01-17 19:38 . 2011-01-17 19:38 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\DXSETUP.exe
    2011-01-17 19:38 . 2011-01-17 19:38 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1ffd7f4c1cbb67e03\dsetup32.dll
    2011-01-17 19:38 . 2011-01-21 12:43 -------- d-----w- c:\users\Nova\AppData\Local\Windows Live
    2011-01-17 19:37 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
    2011-01-17 19:37 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
    2011-01-17 19:37 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
    2011-01-17 19:37 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2011-01-17 19:37 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
    2011-01-17 19:37 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
    2011-01-17 19:37 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
    2011-01-17 17:37 . 2009-03-18 21:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
    2011-01-17 16:22 . 2011-01-17 16:22 -------- d-----w- c:\program files (x86)\Electronic Arts
    2011-01-16 01:25 . 2011-01-17 19:47 -------- d-----w- c:\users\Nova\AppData\Local\jagexlauncher
    2011-01-15 22:05 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
    2011-01-15 22:05 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
    2011-01-15 22:05 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
    2011-01-15 22:05 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
    2011-01-15 22:05 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
    2011-01-15 22:05 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
    2011-01-15 22:05 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
    2011-01-15 22:05 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
    2011-01-15 22:05 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
    2011-01-15 22:05 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
    2011-01-06 12:05 . 2011-01-06 12:05 -------- d-----w- c:\users\Nova\AppData\Roaming\NCH Swift Sound
    2011-01-06 12:05 . 2011-01-06 12:05 -------- d-----w- c:\program files (x86)\NCH Swift Sound
    2011-01-03 22:40 . 2011-01-03 22:41 -------- d-----w- c:\program files (x86)\Google
    2011-01-03 22:40 . 2011-01-03 22:41 -------- d-----w- c:\users\Nova\AppData\Local\Google
    2011-01-01 01:23 . 2011-01-17 16:22 -------- d-----w- c:\progra~3\Electronic Arts
    2010-12-29 22:39 . 2010-12-29 22:39 -------- d-----w- c:\program files (x86)\EA GAMES
    2010-12-23 15:22 . 2011-01-15 21:29 -------- d-----w- c:\users\Nova\AppData\Local\ElevatedDiagnostics
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-12-20 23:08 . 2010-03-21 17:23 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-11-12 23:53 . 2010-08-06 03:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2010-11-06 18:35 . 2010-11-06 18:35 2484072 ----a-w- c:\windows\SysWow64\abgx360.exe
    2010-11-04 06:35 . 2010-12-16 05:44 1194496 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 06:31 . 2010-12-16 05:44 57856 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 05:52 . 2010-12-16 05:44 978944 ----a-w- c:\windows\SysWow64\wininet.dll
    2010-11-04 05:48 . 2010-12-16 05:44 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2010-11-04 05:16 . 2010-12-16 05:44 482816 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:41 . 2010-12-16 05:44 386048 ----a-w- c:\windows\SysWow64\html.iec
    2010-11-04 04:35 . 2010-12-16 05:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-04 04:08 . 2010-12-16 05:44 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2010-11-02 05:18 . 2010-12-16 05:45 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 05:17 . 2010-12-16 05:45 473600 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 05:17 . 2010-12-16 05:45 1169408 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 05:16 . 2010-12-16 05:45 1114624 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 05:10 . 2010-12-16 05:45 464384 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 05:10 . 2010-12-16 05:45 285696 ----a-w- c:\windows\system32\schtasks.exe
    2010-11-02 04:40 . 2010-12-16 05:45 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
    2010-11-02 04:40 . 2010-12-16 05:45 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
    2010-11-02 04:34 . 2010-12-16 05:45 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
    2010-11-02 04:34 . 2010-12-16 05:45 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
    2010-10-29 16:18 . 2010-09-24 16:04 588096 ----a-w- c:\progra~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2010-10-28 16:24 . 2010-07-28 16:36 737072 ----a-w- c:\progra~3\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
    2010-10-27 05:06 . 2010-12-16 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-10-27 04:32 . 2010-12-16 05:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2010-04-23 04:00 . 2010-04-23 04:00 6 ----a-w- c:\program files (x86)\Common Files\UnInstallCompleted.tmp
    2010-03-09 03:50 . 2010-03-09 03:50 150528 ----a-w- c:\program files (x86)\Common Files\osdinst.dll
    2010-03-09 01:02 . 2010-03-09 03:50 4674112 ----a-w- c:\program files (x86)\Common Files\xsignal.exe
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files (x86)\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
    [HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
    2009-10-27 15:45 2325528 ----a-w- c:\program files (x86)\Softonic_English\tbSoft.dll
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files (x86)\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
    [HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-23 4240760]
    "Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
    "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
    "Steam"="c:\program files (x86)\Steam\Steam.exe" [2010-11-21 1242448]
    "DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2010-04-15 427328]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
    "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]
    "DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "fsn"="c:\program files (x86)\Phoenix Technologies Ltd\FailSafe\FailSafeNotifier.exe" [2010-03-09 137792]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-11-11 417792]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
    c:\users\Nova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    CurseClientStartup.ccip [2010-3-10 0]
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
    winupd.exe [2010-7-18 196096]
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 136176]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 220672]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2009-08-29 49152]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-01 1255736]
    R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-05 828912]
    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-03-25 139704]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-09 92160]
    S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
    S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-03-25 163888]
    S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-03-25 810120]
    S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-03-25 50600]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-26 233984]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 22:40]
    2011-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-03 22:40]
    .
    --------- x86-64 -----------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-09-16 357376]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-09 8158240]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-23 166424]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-23 390168]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-23 408600]
    "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-10-01 3189016]
    "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-03-25 2839840]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1142338
    DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
    DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
    FF - ProfilePath - c:\users\Nova\AppData\Roaming\Mozilla\Firefox\Profiles\scrb9w7i.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - free-downloads.net Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1098640&SearchSource=13
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=VUZTDF&PC=VUZE&q=
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    FF - Ext: Tamper Data: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947} - %profile%\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
    FF - Ext: Firebug: [email protected] - %profile%\extensions\[email protected]
    FF - Ext: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - %profile%\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
    FF - Ext: Search Toolbar: [email protected] - %profile%\extensions\[email protected]
    FF - user.js: yahoo.homepage.dontask - true
    .
    - - - - ORPHANS REMOVED - - - -
    Toolbar-Locked - (no file)
    SafeBoot-mcmscsvc
    SafeBoot-MCODS
    Toolbar-Locked - (no file)
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    WebBrowser-{930F1200-F5F1-4870-BAC6-E233EC8E7023} - (no file)
    AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe

    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    [HKEY_USERS\S-1-5-21-3353836649-3912363437-4109639246-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    [HKEY_USERS\S-1-5-21-3353836649-3912363437-4109639246-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
    "ThreadingModel"="Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx"
    "ThreadingModel"="Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10i.ocx, 1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files (x86)\IObit\Game Booster\GameBox.exe
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\winupd.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
    .
    **************************************************************************
    .
    Completion time: 2011-01-21 08:03:18 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-01-21 13:03
    Pre-Run: 13,811,634,176 bytes free
    Post-Run: 13,969,072,128 bytes free
    - - End Of File - - E4948CF43CE075A2FFBB4007895A641F
     
  15. serath40

    serath40 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    14
    And sorry, my son puts crazy programs on my PC, which must be the cause. I let him check the logs out before I posted, as he has some experience with the PC; he must have deleted something before he saved.
     
Short URL to this thread: https://techguy.org/975720
