1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Unwelcomed 'Welcome to nginx!'

Discussion in 'Virus & Other Malware Removal' started by radiocycle, Apr 9, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. radiocycle

    radiocycle Thread Starter

    Joined:
    Apr 9, 2012
    Messages:
    4
    Hi All,

    I hope I'm posting this correctly, so here goes. All of a sudden when I try to log into my fave site, priuschat.com, I get the 'Welcome to nginx!' and a all white screen. This only happens when I use my usual browser Firefox 12. When I try to access priuschat.com with Chrome, it works fine. I've scanned with Malwarebytes but it didn't come up with anything. I'm running Win 7 (64bit).

    So here's the HT log and the DDS scan:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:52:31 PM, on 4/9/2012
    Platform: Unknown Windows (WinNT 6.01.3505 SP1)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
    C:\Users\radiocycle\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\ProgramData\Clickfree\HDDV2NUSB3\Reminder\SacReminder.exe
    C:\Users\radiocycle\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
    C:\Windows\FixCamera.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
    C:\Program Files (x86)\Spell Check Anywhere\sa.exe
    C:\Program Files (x86)\Spell Check Anywhere\SpellCheckAnywhereAssist.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Users\radiocycle\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\radiocycle\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\radiocycle\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\radiocycle\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.blekko.com/ws/?sourc...20120402D186422F8F87FB5E8EA10702&tbp=homepage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Search.com Bar - {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:\Program Files (x86)\searchcom_001\searchcom_001X.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Search.com Bar - {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:\Program Files (x86)\searchcom_001\searchcom_001X.dll
    O4 - HKLM\..\Run: [RunSpellCheckAnywhere] C:\Program Files (x86)\Spell Check Anywhere\sastarter.exe startup
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
    O4 - HKLM\..\Run: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
    O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
    O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
    O4 - HKLM\..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
    O4 - HKCU\..\Run: [VistaStartMenu] C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\radiocycle\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [SacReminderHDDV2N] C:\ProgramData\Clickfree\HDDV2NUSB3\reminder\SacReminder.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Users\radiocycle\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: Dropbox.lnk = radiocycle\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O13 - Gopher Prefix:
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: B-Service - Unknown owner - C:\Users\radiocycle\AppData\Roaming\Mikogo\B-Service.exe
    O23 - Service: CFUACProxy_hddv2nusb3 - Storage Appliance Corp. - C:\ProgramData\Clickfree\HDDV2NUSB3\UACProxy.exe
    O23 - Service: EaseUS Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
    O23 - Service: Guard Agent - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: M4-Service - Unknown owner - C:\Users\radiocycle\AppData\Roaming\Mikogo 4\M4-Service.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Rosewill\Common\RaRegistry.exe
    O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Rosewill\Common\RaRegistry64.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: SacNetAgentService_C57C4F854F53 - Storage Appliance Corporation - C:\ProgramData\Clickfree\HDDV2NUSB3\Reminder\SacNetAgent.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 13058 bytes

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
    Run by radiocycle at 20:06:45 on 2012-04-09
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6134.4495 [GMT -7:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\ProgramData\Clickfree\HDDV2NUSB3\UACProxy.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Users\radiocycle\AppData\Roaming\Mikogo 4\M4-Service.exe
    C:\Users\radiocycle\AppData\Roaming\Mikogo 4\M4-Capture.exe
    C:\Program Files (x86)\Rosewill\Common\RaRegistry.exe
    C:\Program Files (x86)\Rosewill\Common\RaRegistry64.exe
    C:\ProgramData\Clickfree\HDDV2NUSB3\Reminder\SacNetAgent.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
    C:\ProgramData\Clickfree\HDDV2NUSB3\Reminder\SacReminder.exe
    C:\Users\radiocycle\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
    C:\Users\radiocycle\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
    C:\Users\radiocycle\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
    C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
    C:\Windows\FixCamera.exe
    C:\Program Files (x86)\Spell Check Anywhere\sa.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
    C:\Windows\splwow64.exe
    C:\Program Files (x86)\Spell Check Anywhere\SpellCheckAnywhereAssist.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\vds.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Vista Start Menu\VistaHookApp.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt
    uStart Page = https://search.blekko.com/ws/?sourc...20120402D186422F8F87FB5E8EA10702&tbp=homepage
    uURLSearchHooks: H - No File
    mWinlogon: Userinit=userinit.exe,
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Search.com Bar: {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:\Program Files (x86)\searchcom_001\searchcom_001X.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
    TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    TB: Search.com Bar: {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:\Program Files (x86)\searchcom_001\searchcom_001X.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    uRun: [VistaStartMenu] C:\Program Files (x86)\Vista Start Menu\VistaStartMenu.exe
    uRun: [Google Update] "C:\Users\radiocycle\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [SacReminderHDDV2N] C:\ProgramData\Clickfree\HDDV2NUSB3\reminder\SacReminder.exe
    uRun: [cdloader] "C:\Users\radiocycle\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    mRun: [RunSpellCheckAnywhere] C:\Program Files (x86)\Spell Check Anywhere\sastarter.exe startup
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
    mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
    mRun: [FixCamera] C:\Windows\FixCamera.exe
    mRun: [snp2uvc] C:\Windows\vsnp2uvc.exe
    mRun: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
    StartupFolder: C:\Users\RADIOC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\radiocycle\AppData\Roaming\Dropbox\bin\Dropbox.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.7.254
    TCP: Interfaces\{F9A0C53F-DCD6-4FEE-B59F-4A928392F1F2} : DhcpNameServer = 192.168.7.254
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO-X64: 0x1 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    BHO-X64: Canon Easy-WebPrint EX BHO - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Search.com Bar: {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:\Program Files (x86)\searchcom_001\searchcom_001X.dll
    BHO-X64: Search.com Bar - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
    TB-X64: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    TB-X64: Search.com Bar: {80987362-6216-49bc-98e4-77e6cf71a5d7} - C:\Program Files (x86)\searchcom_001\searchcom_001X.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
    mRun-x64: [RunSpellCheckAnywhere] C:\Program Files (x86)\Spell Check Anywhere\sastarter.exe startup
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe"
    mRun-x64: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe"
    mRun-x64: [FixCamera] C:\Windows\FixCamera.exe
    mRun-x64: [snp2uvc] C:\Windows\vsnp2uvc.exe
    mRun-x64: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\radiocycle\AppData\Roaming\Mozilla\Firefox\Profiles\gaq9mth5.default\
    FF - prefs.js: browser.search.selectedEngine - Dogpile
    FF - prefs.js: browser.startup.homepage - hxxp://www.besthomepageever.com/
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20110929&q=
    FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
    FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
    FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPFxViewer.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    FF - plugin: C:\Users\radiocycle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Users\radiocycle\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\radiocycle\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    ============= SERVICES / DRIVERS ===============
    .
    R0 EUBAKUP;EUBAKUP;C:\Windows\system32\drivers\eubakup.sys --> C:\Windows\system32\drivers\eubakup.sys [?]
    R0 EUBKMON;EUBKMON;C:\Windows\system32\drivers\EUBKMON.sys --> C:\Windows\system32\drivers\EUBKMON.sys [?]
    R1 EUDSKACS;EUDSKACS;\??\C:\Windows\system32\drivers\eudskacs.sys --> C:\Windows\system32\drivers\eudskacs.sys [?]
    R1 EUFDDISK;EUFDDISK;\??\C:\Windows\system32\drivers\EuFdDisk.sys --> C:\Windows\system32\drivers\EuFdDisk.sys [?]
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
    R2 CFUACProxy_hddv2nusb3;CFUACProxy_hddv2nusb3;C:\ProgramData\Clickfree\HDDV2NUSB3\UACProxy.exe [2012-3-13 83792]
    R2 EaseUS Agent;EaseUS Agent;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2012-2-17 61064]
    R2 Guard Agent;Guard Agent;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2012-2-17 23176]
    R2 M4-Service;M4-Service;C:\Users\radiocycle\AppData\Roaming\Mikogo 4\M4-Service.exe [2011-8-4 1003888]
    R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Rosewill\Common\RaRegistry.exe [2011-2-5 185632]
    R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Rosewill\Common\RaRegistry64.exe [2011-2-5 211232]
    R2 SacNetAgentService_C57C4F854F53;SacNetAgentService_C57C4F854F53;C:\ProgramData\Clickfree\HDDV2NUSB3\Reminder\SacNetAgent.exe [2012-3-13 163664]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-24 13336]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-20 652360]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 253600]
    S3 B-Service;B-Service;C:\Users\radiocycle\AppData\Roaming\Mikogo\B-Service.exe [2011-4-20 185640]
    S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
    S3 DroidCam;DroidCam Virtual Audio;C:\Windows\system32\drivers\droidcam.sys --> C:\Windows\system32\drivers\droidcam.sys [?]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
    S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-7-11 130976]
    S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-3-31 129976]
    S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2012-04-09 23:06:35 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{70245F9F-707B-4FD8-A33E-703A9FF963CF}\offreg.dll
    2012-04-09 21:52:01 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2012-04-09 20:39:03 -------- d-----w- C:\Users\radiocycle\AppData\Local\{D894E4DB-B8E9-4D13-AFF9-E1AB9B42E42D}
    2012-04-09 20:38:52 -------- d-----w- C:\Users\radiocycle\AppData\Local\{F482D002-7AB3-4CE9-AD2D-6825DE62A5CD}
    2012-04-09 20:28:28 -------- d-----w- C:\Users\radiocycle\AppData\Local\{DF80EA95-9E43-4EF4-9D0A-2170918C4020}
    2012-04-09 14:19:20 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{70245F9F-707B-4FD8-A33E-703A9FF963CF}\mpengine.dll
    2012-04-07 17:19:43 -------- d-----w- C:\Users\radiocycle\AppData\Local\{5A7B19D1-7A6E-4B69-AE58-76F8456C020B}
    2012-04-07 17:19:31 -------- d-----w- C:\Users\radiocycle\AppData\Local\{D42ADC88-DDBC-4EBF-9D4D-45CACEEBDE83}
    2012-04-07 05:01:51 -------- d-----w- C:\Users\radiocycle\AppData\Local\{58B896E9-619D-41AB-9B69-1FDE223A6CCA}
    2012-04-07 03:29:41 -------- d-----w- C:\Users\radiocycle\AppData\Local\{701DD336-F8AF-445C-ACC9-01284BB0F86D}
    2012-04-04 15:12:08 8767136 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-04-04 14:26:19 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-04-03 14:58:02 -------- d-----w- C:\Users\radiocycle\AppData\Local\{0E50AE10-D22C-4E43-BB75-F56B23B325F3}
    2012-04-02 13:42:18 -------- d-----w- C:\Users\radiocycle\AppData\Local\Ashisoft
    2012-04-02 13:42:09 -------- d-----w- C:\Users\radiocycle\AppData\Roaming\Ashisoft
    2012-04-02 13:41:49 -------- d-----w- C:\Program Files (x86)\Duplicate Finder
    2012-04-02 13:41:36 -------- d-----w- C:\ProgramData\blekko toolbars
    2012-04-02 13:41:30 -------- d-----w- C:\Program Files (x86)\searchcom_001
    2012-04-02 13:41:29 -------- d-----w- C:\Users\radiocycle\AppData\Local\searchcom_001
    2012-04-02 13:41:29 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor
    2012-03-31 19:53:36 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
    2012-03-31 19:53:30 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
    2012-03-31 19:53:30 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
    2012-03-29 22:25:45 -------- d-----w- C:\Schizm CD
    2012-03-27 10:46:52 -------- d-----w- C:\Users\radiocycle\AppData\Local\{75AFACF2-AF7A-4E1D-908B-7C4F4373A847}
    2012-03-27 10:46:41 -------- d-----w- C:\Users\radiocycle\AppData\Local\{55E18704-5BF1-4346-9C76-F98F023A9B1E}
    2012-03-21 19:06:12 -------- d-----w- C:\Users\radiocycle\AppData\Local\{D46CC601-E59E-49DB-9DEF-AE7720FEFC6A}
    2012-03-21 19:06:01 -------- d-----w- C:\Users\radiocycle\AppData\Local\{24638614-0454-4694-A822-2E574FF5409C}
    2012-03-20 14:42:50 -------- d-----w- C:\Users\radiocycle\AppData\Local\tjnet
    2012-03-19 20:17:33 -------- d-----w- C:\ProgramData\magicJack
    2012-03-19 20:17:15 -------- d-----w- C:\Users\radiocycle\AppData\Roaming\mjusbsp
    2012-03-19 20:17:01 -------- d-----w- C:\Users\radiocycle\AppData\Local\magicJack
    2012-03-18 23:57:56 -------- d-----w- C:\Users\radiocycle\AppData\Local\{DAC3E7AD-81A3-4776-8536-4532ADECF780}
    2012-03-18 23:57:45 -------- d-----w- C:\Users\radiocycle\AppData\Local\{7F624635-16C3-4D47-B6BD-41EA4CDD5EC6}
    2012-03-17 20:57:28 -------- d-----w- C:\Users\radiocycle\AppData\Roaming\Elephant Games
    2012-03-17 03:06:56 -------- d-----w- C:\Users\radiocycle\AppData\Local\{4CD3F6B4-0968-4283-9610-5A02CE3C35DC}
    2012-03-17 02:46:57 -------- d-----w- C:\Program Files (x86)\ACLog 3.2
    2012-03-16 02:24:19 -------- d-----w- C:\Program Files (x86)\Audacity
    2012-03-15 15:08:00 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
    2012-03-15 15:08:00 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
    2012-03-15 14:45:09 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-03-15 14:45:09 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-03-15 14:45:08 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-03-14 14:45:09 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-03-14 14:45:08 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2012-03-14 14:45:08 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2012-03-14 14:44:50 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-03-14 14:44:50 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-03-14 14:44:50 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-03-14 14:44:50 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-03-14 14:44:49 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-03-14 14:44:49 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-03-14 14:44:49 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-03-14 00:20:17 -------- d-----w- C:\ProgramData\CFTEMP
    2012-03-13 20:20:34 -------- d-----w- C:\ProgramData\Clickfree
    2012-03-13 02:04:03 -------- d-----w- C:\Users\radiocycle\AppData\Local\{CB0C0617-DCC5-418A-BFE1-B664C4F1CF63}
    2012-03-13 02:03:52 -------- d-----w- C:\Users\radiocycle\AppData\Local\{05875AAC-234D-4DAD-9F22-325A6EED67BB}
    2012-03-12 00:01:20 184320 ----a-w- C:\Windows\SysWow64\rsnp2uvc.dll
    2012-03-12 00:01:20 178688 ----a-w- C:\Windows\System32\rsnp2uvc.dll
    2012-03-12 00:01:19 331776 ----a-w- C:\Windows\tsnp2uvc.exe
    2012-03-12 00:01:18 -------- d-----w- C:\Program Files (x86)\Common Files\SNP2UVC
    2012-03-12 00:01:17 94208 ----a-w- C:\Windows\amcap.exe
    2012-03-12 00:01:17 20480 ----a-w- C:\Windows\FixCamera.exe
    .
    ==================== Find3M ====================
    .
    2012-04-04 15:12:30 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-03-31 23:52:02 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-03-31 23:49:18 3026 ----a-w- C:\Windows\SysWow64\drivers\hwinterface.sys
    2012-03-17 02:46:51 249856 ------w- C:\Windows\Setup1.exe
    2012-03-17 02:46:50 73216 ----a-w- C:\Windows\ST6UNST.EXE
    2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
    .
    ============= FINISH: 20:07:59.95 ===============


    Thanks!

    radio
     
  2. radiocycle

    radiocycle Thread Starter

    Joined:
    Apr 9, 2012
    Messages:
    4
    OK, I cleared my cache and now I can go to the offending site using Firefox. I would delete this post, if I knew how...

    Thanks for the help.

    radio
     
  3. Deejay100six

    Deejay100six

    Joined:
    Sep 27, 2011
    Messages:
    496
    You should see a "solved" button top left of page, just click that. I would wait a couple of days though in case it happens again.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1048669