onimod
2010-08-30, 04:58
As my main browser i use firefox but lately i have been having some serious issues with it using too much ram and it also will not work from the shortcut on the desktop i have to go into start programs and use firefox safe mode.
My system is an acer aspire running windows vista home premium and has the windows firewall on as well as eset smart security and i occasionally run malwarebytes ccleaner and spybot s&d.
I have tried to remove firefox and re install but this has done nothing and the programs above i have ran and they fix any of the small issues that come up.
DDS LOG:
DDS (Ver_10-03-17.01) - NTFSX64
Run by Jock at 2:48:48.96 on 30/08/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.4094.2043 [GMT 1:00]
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jock\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=0309&m=aspire_x1700
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=0309&m=aspire_x1700
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=0309&m=aspire_x1700
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
uInternet Settings,ProxyServer = socks=
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files (x86)\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files (x86)\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: {C17590D2-ECB4-4b15-8820-F58798DCC118} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files (x86)\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ITTAgent]
mRun: [eRecoveryService]
mRun: [<NO NAME>]
mRun: [Microsoft Default Manager] "c:\program files (x86)\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Hercules DJ Series] c:\program files\hercules\audio\dj console series\HDJSeriesCPL.exe /boot
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files (x86)\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: c:\users\jock\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files (x86)\erunt\AUTOBACK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Webshots Photo Search - c:\program files (x86)\webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
IE: Append to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files (x86)\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
Trusted Zone: live.com\login
Trusted Zone: xbox.com\live
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files (x86)\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO-X64: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\program files (x86)\acer\empowering technology\edatasecurity\x64\ActiveToolBand.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB-X64: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\program files (x86)\acer\empowering technology\edatasecurity\x64\eDStoolbar.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {C17590D2-ECB4-4B15-8820-F58798DCC118} - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\users\jock\appdata\roaming\mozilla\firefox\profiles\1stpre6z.default\
FF - prefs.js: browser.search.selectedEngine - Chambers (UK)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jock\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/07/13 20:18:53];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
R2 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-3-19 134024]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\x86\ekrn.exe [2009-3-19 731840]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-3-19 44944]
R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2009-3-14 24576]
R2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\hercules\audio\dj console series\HerculesDJControlMP3.EXE [2010-8-14 20480]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2009-4-9 1153368]
R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe [2009-3-13 357182]
S2 ASTSRV;Nalpeiron Licensing Service;c:\windows\system32\astsrv.exe --> c:\windows\system32\ASTSRV.EXE [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-17 136176]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe --> c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S3 bsusbser;PHD USB Adapter;c:\windows\system32\drivers\bsusbser.sys [2008-1-23 113664]
S3 Bulk;HDJBulk;c:\windows\system32\drivers\HDJBulk.sys [2010-8-14 163328]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-8-20 48480]
S3 fsssvc;Windows Live Family Safety Service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2010-8-9 1472352]
S3 HDJAsioK;HDJAsioK;c:\windows\system32\drivers\HDJAsioK.sys [2010-8-14 226304]
S3 HDJCtrl;HDJCtrl;c:\windows\system32\drivers\HDJCtrl.sys [2010-8-14 27648]
S3 HDJMidi;Hercules DJ Console MIDI;c:\windows\system32\drivers\HDJMidi.sys [2010-8-14 162304]
S3 ITEIO.SYS;ITEIO.SYS;c:\windows\system32\drivers\ITEIO.sys [2009-4-8 13144]
S3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2008-4-25 29696]
S3 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe --> c:\progra~2\mcafee\viruss~1\mcsysmon.exe [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-3-14 56352]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2009-3-14 270422]
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files (x86)\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-10-19 89920]
S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-26 45056]
S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-26 131072]
============== File Associations ===============
JSEFile=c:\windows\syswow64\WScript.exe "%1" %*
=============== Created Last 30 ================
2010-08-27 03:25:15 0 d-----w- C:\Archivos de programa
2010-08-24 16:33:17 0 d-----w- c:\program files (x86)\Hardcore Lives Tuner v5
2010-08-20 01:03:17 0 d-----w- c:\windows\en
2010-08-20 00:56:54 48480 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-08-19 00:20:21 0 d-----w- c:\program files (x86)\MP3Gain
2010-08-16 15:51:56 0 d-----w- c:\program files\iPod
2010-08-16 15:51:54 0 d-----w- c:\program files\iTunes
2010-08-14 20:52:48 336896 ----a-w- c:\windows\system32\HDJSeries.cpl
2010-08-14 20:52:42 92160 ----a-w- c:\windows\system32\HDJAsioCpl.dll
2010-08-14 20:52:42 77312 ----a-w- c:\windows\system32\HDJAsiou.dll
2010-08-14 20:52:42 73728 ----a-w- c:\windows\syswow64\HDJSAPI.dll
2010-08-14 20:52:42 73728 ----a-w- c:\windows\syswow64\HDJAsioCpl.dll
2010-08-14 20:52:42 66048 ----a-w- c:\windows\syswow64\HDJAsiou.dll
2010-08-14 20:52:42 27648 ----a-w- c:\windows\system32\drivers\HDJCtrl.sys
2010-08-14 20:52:42 226304 ----a-w- c:\windows\system32\drivers\HDJAsioK.sys
2010-08-14 20:52:42 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-08-14 20:52:42 163328 ----a-w- c:\windows\system32\drivers\HDJBulk.sys
2010-08-14 20:52:42 162304 ----a-w- c:\windows\system32\drivers\HDJMidi.sys
2010-08-14 20:52:40 0 d-----w- c:\program files\Hercules
2010-08-13 14:15:16 0 d-----w- c:\users\jock\appdata\roaming\Malwarebytes
2010-08-13 14:15:08 0 d-----w- c:\programdata\Malwarebytes
2010-08-13 14:15:07 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-13 14:15:07 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-08-13 13:44:55 0 d-----w- c:\users\jock\appdata\roaming\AVS4YOU
2010-08-13 13:43:05 0 d-----w- c:\program files (x86)\common files\AVSMedia
2010-08-13 13:42:42 974848 ----a-w- c:\windows\syswow64\mfc70.dll
2010-08-13 13:42:42 487424 ----a-w- c:\windows\syswow64\msvcp70.dll
2010-08-13 13:42:41 0 d-----w- c:\programdata\AVS4YOU
2010-08-13 13:42:41 0 d-----w- c:\program files (x86)\AVS4YOU
2010-08-10 18:44:38 49016 ----a-w- c:\windows\syswow64\sirenacm.dll
2010-08-10 18:39:02 297328 ----a-w- c:\windows\WLXPGSS.SCR
2010-08-10 04:15:58 94208 ----a-w- c:\windows\syswow64\QuickTimeVR.qtx
2010-08-10 04:15:58 69632 ----a-w- c:\windows\syswow64\QuickTime.qts
2010-08-06 12:40:45 524288 --sha-w- c:\users\jock\NTUSER.DAT{c6e3e2e0-a154-11df-a926-0021973dfa18}.TMContainer00000000000000000002.regtrans-ms
2010-08-06 12:40:44 65536 --sha-w- c:\users\jock\NTUSER.DAT{c6e3e2e0-a154-11df-a926-0021973dfa18}.TM.blf
2010-08-06 12:40:44 524288 --sha-w- c:\users\jock\NTUSER.DAT{c6e3e2e0-a154-11df-a926-0021973dfa18}.TMContainer00000000000000000001.regtrans-ms
2010-08-03 14:02:07 11584512 ----a-w- c:\windows\syswow64\shell32.dll
==================== Find3M ====================
2010-08-30 01:08:38 932108 ---ha-w- c:\windows\syswow64\mlfcache.dat
2010-08-29 12:55:51 34805 ----a-w- c:\programdata\nvModes.dat
2010-08-14 20:54:06 86016 ----a-w- c:\windows\inf\infstor.dat
2010-08-14 20:54:06 51200 ----a-w- c:\windows\inf\infpub.dat
2010-08-14 20:54:06 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-26 06:30:12 1147904 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:25:54 77312 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:25:54 132096 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:05:49 916480 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-26 06:05:41 1210368 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-26 06:04:40 206848 ----a-w- c:\windows\syswow64\occache.dll
2010-06-26 06:03:22 611840 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-26 06:03:04 5951488 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-26 06:03:02 599040 ----a-w- c:\windows\syswow64\msfeeds.dll
2010-06-26 06:03:02 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-26 06:02:31 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-26 06:02:15 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2010-06-26 06:02:15 1986560 ----a-w- c:\windows\syswow64\iertutil.dll
2010-06-26 06:02:15 164352 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-26 06:02:15 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2010-06-26 06:02:14 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2010-06-26 06:02:14 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-26 06:02:14 11077120 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-26 06:02:09 387584 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-26 04:47:47 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-26 04:25:02 133632 ----a-w- c:\windows\syswow64\ieUnatt.exe
2010-06-26 04:24:51 173056 ----a-w- c:\windows\syswow64\ie4uinit.exe
2010-06-26 04:24:17 13312 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-21 14:05:22 2752000 ----a-w- c:\windows\system32\win32k.sys
2010-06-18 17:48:21 50688 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 17:31:29 36864 ----a-w- c:\windows\syswow64\rtutils.dll
2010-06-11 16:39:28 343040 ----a-w- c:\windows\system32\schannel.dll
2010-06-11 16:38:10 1869824 ----a-w- c:\windows\system32\msxml3.dll
2010-06-11 16:16:20 274944 ----a-w- c:\windows\syswow64\schannel.dll
2010-06-11 16:15:06 1248768 ----a-w- c:\windows\syswow64\msxml3.dll
2010-06-08 18:00:36 4697992 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-28 12:17:47 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-04 03:44:57 9705984 ----a-w- c:\program files (x86)\DS.exe
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2003-05-01 12:59:32 1413120 ----a-w- c:\program files (x86)\DS_PlugIn.8bf
2010-02-15 21:34:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat
2010-02-15 21:34:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat
2010-02-15 21:34:12 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2009-12-18 17:57:38 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-12-18 17:57:38 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-10-29 02:06:29 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\cookies\index.dat
2009-10-29 02:06:29 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\history\history.ie5\index.dat
2009-10-29 02:06:29 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2009-12-18 17:57:38 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-10-29 02:51:49 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2010-05-29 13:28:39 16384 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
============= FINISH: 2:50:18.59 ===============
Forgot to attach the other file in zip.
My system is an acer aspire running windows vista home premium and has the windows firewall on as well as eset smart security and i occasionally run malwarebytes ccleaner and spybot s&d.
I have tried to remove firefox and re install but this has done nothing and the programs above i have ran and they fix any of the small issues that come up.
DDS LOG:
DDS (Ver_10-03-17.01) - NTFSX64
Run by Jock at 2:48:48.96 on 30/08/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.4094.2043 [GMT 1:00]
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Jock\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.co.uk/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=0309&m=aspire_x1700
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=0309&m=aspire_x1700
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&s=1&o=vp64&d=0309&m=aspire_x1700
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
uInternet Settings,ProxyServer = socks=
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files (x86)\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files (x86)\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: {C17590D2-ECB4-4b15-8820-F58798DCC118} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files (x86)\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ITTAgent]
mRun: [eRecoveryService]
mRun: [<NO NAME>]
mRun: [Microsoft Default Manager] "c:\program files (x86)\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [Hercules DJ Series] c:\program files\hercules\audio\dj console series\HDJSeriesCPL.exe /boot
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files (x86)\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: c:\users\jock\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files (x86)\erunt\AUTOBACK.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Webshots Photo Search - c:\program files (x86)\webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
IE: Append to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files (x86)\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files (x86)\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
Trusted Zone: live.com\login
Trusted Zone: xbox.com\live
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files (x86)\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO-X64: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\program files (x86)\acer\empowering technology\edatasecurity\x64\ActiveToolBand.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB-X64: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\program files (x86)\acer\empowering technology\edatasecurity\x64\eDStoolbar.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {C17590D2-ECB4-4B15-8820-F58798DCC118} - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\users\jock\appdata\roaming\mozilla\firefox\profiles\1stpre6z.default\
FF - prefs.js: browser.search.selectedEngine - Chambers (UK)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jock\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/07/13 20:18:53];c:\program files (x86)\cyberlink\powerdvd9\000.fcl [2009-5-7 146928]
R2 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-3-19 134024]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\x86\ekrn.exe [2009-3-19 731840]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-3-19 44944]
R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2009-3-14 24576]
R2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\hercules\audio\dj console series\HerculesDJControlMP3.EXE [2010-8-14 20480]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2009-4-9 1153368]
R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\reset.exe [2009-3-13 357182]
S2 ASTSRV;Nalpeiron Licensing Service;c:\windows\system32\astsrv.exe --> c:\windows\system32\ASTSRV.EXE [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-3-17 136176]
S2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe --> c:\progra~1\mcafee\viruss~1\mcshield.exe [?]
S3 bsusbser;PHD USB Adapter;c:\windows\system32\drivers\bsusbser.sys [2008-1-23 113664]
S3 Bulk;HDJBulk;c:\windows\system32\drivers\HDJBulk.sys [2010-8-14 163328]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-8-20 48480]
S3 fsssvc;Windows Live Family Safety Service;c:\program files (x86)\windows live\family safety\fsssvc.exe [2010-8-9 1472352]
S3 HDJAsioK;HDJAsioK;c:\windows\system32\drivers\HDJAsioK.sys [2010-8-14 226304]
S3 HDJCtrl;HDJCtrl;c:\windows\system32\drivers\HDJCtrl.sys [2010-8-14 27648]
S3 HDJMidi;Hercules DJ Console MIDI;c:\windows\system32\drivers\HDJMidi.sys [2010-8-14 162304]
S3 ITEIO.SYS;ITEIO.SYS;c:\windows\system32\drivers\ITEIO.sys [2009-4-8 13144]
S3 leafnets;Leaf Networks Adapter;c:\windows\system32\drivers\leafnets.sys [2008-4-25 29696]
S3 McSysmon;McAfee SystemGuards;c:\progra~2\mcafee\viruss~1\mcsysmon.exe --> c:\progra~2\mcafee\viruss~1\mcsysmon.exe [?]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-3-14 56352]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2009-3-14 270422]
S4 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files (x86)\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-10-19 89920]
S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-26 45056]
S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-26 131072]
============== File Associations ===============
JSEFile=c:\windows\syswow64\WScript.exe "%1" %*
=============== Created Last 30 ================
2010-08-27 03:25:15 0 d-----w- C:\Archivos de programa
2010-08-24 16:33:17 0 d-----w- c:\program files (x86)\Hardcore Lives Tuner v5
2010-08-20 01:03:17 0 d-----w- c:\windows\en
2010-08-20 00:56:54 48480 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-08-19 00:20:21 0 d-----w- c:\program files (x86)\MP3Gain
2010-08-16 15:51:56 0 d-----w- c:\program files\iPod
2010-08-16 15:51:54 0 d-----w- c:\program files\iTunes
2010-08-14 20:52:48 336896 ----a-w- c:\windows\system32\HDJSeries.cpl
2010-08-14 20:52:42 92160 ----a-w- c:\windows\system32\HDJAsioCpl.dll
2010-08-14 20:52:42 77312 ----a-w- c:\windows\system32\HDJAsiou.dll
2010-08-14 20:52:42 73728 ----a-w- c:\windows\syswow64\HDJSAPI.dll
2010-08-14 20:52:42 73728 ----a-w- c:\windows\syswow64\HDJAsioCpl.dll
2010-08-14 20:52:42 66048 ----a-w- c:\windows\syswow64\HDJAsiou.dll
2010-08-14 20:52:42 27648 ----a-w- c:\windows\system32\drivers\HDJCtrl.sys
2010-08-14 20:52:42 226304 ----a-w- c:\windows\system32\drivers\HDJAsioK.sys
2010-08-14 20:52:42 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-08-14 20:52:42 163328 ----a-w- c:\windows\system32\drivers\HDJBulk.sys
2010-08-14 20:52:42 162304 ----a-w- c:\windows\system32\drivers\HDJMidi.sys
2010-08-14 20:52:40 0 d-----w- c:\program files\Hercules
2010-08-13 14:15:16 0 d-----w- c:\users\jock\appdata\roaming\Malwarebytes
2010-08-13 14:15:08 0 d-----w- c:\programdata\Malwarebytes
2010-08-13 14:15:07 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-13 14:15:07 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-08-13 13:44:55 0 d-----w- c:\users\jock\appdata\roaming\AVS4YOU
2010-08-13 13:43:05 0 d-----w- c:\program files (x86)\common files\AVSMedia
2010-08-13 13:42:42 974848 ----a-w- c:\windows\syswow64\mfc70.dll
2010-08-13 13:42:42 487424 ----a-w- c:\windows\syswow64\msvcp70.dll
2010-08-13 13:42:41 0 d-----w- c:\programdata\AVS4YOU
2010-08-13 13:42:41 0 d-----w- c:\program files (x86)\AVS4YOU
2010-08-10 18:44:38 49016 ----a-w- c:\windows\syswow64\sirenacm.dll
2010-08-10 18:39:02 297328 ----a-w- c:\windows\WLXPGSS.SCR
2010-08-10 04:15:58 94208 ----a-w- c:\windows\syswow64\QuickTimeVR.qtx
2010-08-10 04:15:58 69632 ----a-w- c:\windows\syswow64\QuickTime.qts
2010-08-06 12:40:45 524288 --sha-w- c:\users\jock\NTUSER.DAT{c6e3e2e0-a154-11df-a926-0021973dfa18}.TMContainer00000000000000000002.regtrans-ms
2010-08-06 12:40:44 65536 --sha-w- c:\users\jock\NTUSER.DAT{c6e3e2e0-a154-11df-a926-0021973dfa18}.TM.blf
2010-08-06 12:40:44 524288 --sha-w- c:\users\jock\NTUSER.DAT{c6e3e2e0-a154-11df-a926-0021973dfa18}.TMContainer00000000000000000001.regtrans-ms
2010-08-03 14:02:07 11584512 ----a-w- c:\windows\syswow64\shell32.dll
==================== Find3M ====================
2010-08-30 01:08:38 932108 ---ha-w- c:\windows\syswow64\mlfcache.dat
2010-08-29 12:55:51 34805 ----a-w- c:\programdata\nvModes.dat
2010-08-14 20:54:06 86016 ----a-w- c:\windows\inf\infstor.dat
2010-08-14 20:54:06 51200 ----a-w- c:\windows\inf\infpub.dat
2010-08-14 20:54:06 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-26 06:30:12 1147904 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:25:54 77312 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:25:54 132096 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:05:49 916480 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-26 06:05:41 1210368 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-26 06:04:40 206848 ----a-w- c:\windows\syswow64\occache.dll
2010-06-26 06:03:22 611840 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-26 06:03:04 5951488 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-26 06:03:02 599040 ----a-w- c:\windows\syswow64\msfeeds.dll
2010-06-26 06:03:02 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-26 06:02:31 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-26 06:02:15 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2010-06-26 06:02:15 1986560 ----a-w- c:\windows\syswow64\iertutil.dll
2010-06-26 06:02:15 164352 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-26 06:02:15 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2010-06-26 06:02:14 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2010-06-26 06:02:14 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-26 06:02:14 11077120 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-26 06:02:09 387584 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-26 04:47:47 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-26 04:25:02 133632 ----a-w- c:\windows\syswow64\ieUnatt.exe
2010-06-26 04:24:51 173056 ----a-w- c:\windows\syswow64\ie4uinit.exe
2010-06-26 04:24:17 13312 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-21 14:05:22 2752000 ----a-w- c:\windows\system32\win32k.sys
2010-06-18 17:48:21 50688 ----a-w- c:\windows\system32\rtutils.dll
2010-06-18 17:31:29 36864 ----a-w- c:\windows\syswow64\rtutils.dll
2010-06-11 16:39:28 343040 ----a-w- c:\windows\system32\schannel.dll
2010-06-11 16:38:10 1869824 ----a-w- c:\windows\system32\msxml3.dll
2010-06-11 16:16:20 274944 ----a-w- c:\windows\syswow64\schannel.dll
2010-06-11 16:15:06 1248768 ----a-w- c:\windows\syswow64\msxml3.dll
2010-06-08 18:00:36 4697992 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-28 12:17:47 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-04 03:44:57 9705984 ----a-w- c:\program files (x86)\DS.exe
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2003-05-01 12:59:32 1413120 ----a-w- c:\program files (x86)\DS_PlugIn.8bf
2010-02-15 21:34:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat
2010-02-15 21:34:12 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat
2010-02-15 21:34:12 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2009-12-18 17:57:38 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-12-18 17:57:38 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-10-29 02:06:29 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\cookies\index.dat
2009-10-29 02:06:29 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\history\history.ie5\index.dat
2009-10-29 02:06:29 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\temp\temporary internet files\content.ie5\index.dat
2009-12-18 17:57:38 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-10-29 02:51:49 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2010-05-29 13:28:39 16384 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat
============= FINISH: 2:50:18.59 ===============
Forgot to attach the other file in zip.