
Thread: Please Help! Wish I'd Discovered You Earlier

  1. #11
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Yes, CNET is a reliable site.

    Try this one

    Running TrendMicro HouseCall:
    1. Click Download HouseCall to begin. Please note that HouseCall requires a small download before it can scan your computer.
    2. Download it to your desktop.
    3. Double-click HousecallLauncher.exe.
    4. Select the Full Scan option.
    5. Let the scan run, then post the results to this thread.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  2. #12
    Junior Member
    Join Date
    Jun 2012
    Location
    New Zealand
    Posts
    24

    Whoops

    Sorry, I overlooked the request for me to re-run OTL. I had started the ESET virus signature download before your last post, but it was taking a long time and I had to leave. When I came home, it had automatically run and cleaned the RegZooka file it found. Sorry to get things mixed up. Here's the record....

    =================================

    C:\Users\Jennifer\Downloads\Installed or Processed\RegZooka_99791572834471917421.exe a variant of Win32/Adware.RegGenie application cleaned by deleting - quarantined

    ==================================

    I'll run OTL now, then HouseCall and post the results below.

  3. #13
    Junior Member
    Join Date
    Jun 2012
    Location
    New Zealand
    Posts
    24

    OTL Logs

    OTL logfile created on: 7/2/2012 6:20:59 PM - Run 2
    OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Jennifer\Desktop
    Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy

    1.80 Gb Total Physical Memory | 0.59 Gb Available Physical Memory | 32.64% Memory free
    3.59 Gb Paging File | 1.53 Gb Available in Paging File | 42.51% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
    Drive C: | 222.22 Gb Total Space | 113.97 Gb Free Space | 51.29% Space Free | Partition Type: NTFS

    Computer Name: JENW-PC | User Name: Jennifer | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Jennifer\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    PRC - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    PRC - C:\Program Files\Evernote\Evernote\Evernote.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    PRC - C:\Program Files\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    PRC - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    PRC - C:\Users\Jennifer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    PRC - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
    PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
    PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - c:\Program Files\The Monticello Corporation\MSSQL.3\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.)
    PRC - C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe (TOSHIBA)
    PRC - C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe (TOSHIBA)
    PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    PRC - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    PRC - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    PRC - C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
    PRC - C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)
    PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
    PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe (TOSHIBA Corporation)
    PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
    PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe (TOSHIBA CORPORATION.)
    PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
    PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
    PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
    PRC - C:\Program Files\Apoint2K\hidfind.exe (Alps Electric Co., Ltd.)
    PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
    PRC - C:\Program Files\TOSHIBA\TNROTATE\TNROTATE.exe (TOSHIBA Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll ()
    MOD - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\1.2012.606.2_0\plugin\ace.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
    MOD - C:\Program Files\Evernote\Evernote\libcef.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
    MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
    MOD - C:\Program Files\Evernote\Evernote\libtidy.dll ()
    MOD - C:\Program Files\Evernote\Evernote\libxml2.dll ()
    MOD - C:\Program Files\Evernote\Evernote\avformat-52.dll ()
    MOD - C:\Program Files\Evernote\Evernote\avcodec-52.dll ()
    MOD - C:\Program Files\Evernote\Evernote\avutil-50.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files\TOSHIBA\TFPU\TFPUCommon.dll ()
    MOD - C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
    MOD - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll ()
    MOD - C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll ()
    MOD - C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll ()
    MOD - C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll ()
    MOD - C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()
    MOD - C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
    MOD - C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
    SRV - (MSSQL$PTPROFESSIONAL41) SQL Server (PTPROFESSIONAL41) -- c:\Program Files\The Monticello Corporation\MSSQL.3\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
    SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
    SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
    SRV - (ATService) -- C:\Program Files\Fingerprint Sensor\AtService.exe (AuthenTec, Inc.)
    SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV - (RegSrvc) Intel(R) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
    SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
    SRV - (TOSHIBA HDD SSD Alert Service) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation)
    SRV - (cfWiMAXService) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe (TOSHIBA CORPORATION)
    SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
    SRV - (Thpsrv) -- C:\Windows\System32\ThpSrv.exe (TOSHIBA Corporation)
    SRV - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
    SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    SRV - (UNS) Intel(R) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) Intel(R) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe (TOSHIBA Corporation)
    SRV - (EPSON_EB_RPCV4_04) EPSON V5 Service4(04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)
    SRV - (EPSON_PM_RPCV4_04) EPSON V3 Service4(04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)
    SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
    SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (RSELSVC) -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe (TOSHIBA Corporation)
    SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
    SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)
    SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
    SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found
    DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found
    DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found
    DRV - (massfilter) -- system32\drivers\massfilter.sys File not found
    DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.)
    DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
    DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
    DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
    DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
    DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
    DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
    DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
    DRV - (ATSwpWDF) -- C:\Windows\System32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
    DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\netw5s32.sys (Intel Corporation)
    DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
    DRV - (IntcDAud) Intel(R) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
    DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
    DRV - (e1kexpress) Intel(R) -- C:\Windows\System32\drivers\e1k6232.sys (Intel Corporation)
    DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
    DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
    DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
    DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
    DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
    DRV - (risdpcie) -- C:\Windows\System32\drivers\risdpe86.sys (REDC)
    DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
    DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
    DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
    DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ.SYS (TOSHIBA Corporation)
    DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
    DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
    DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
    DRV - (rixdpcie) -- C:\Windows\System32\drivers\rixdpe86.sys (REDC)
    DRV - (rimspci) -- C:\Windows\System32\drivers\rimspe86.sys (REDC)
    DRV - (Thpevm) -- C:\Windows\System32\drivers\Thpevm.sys (TOSHIBA Corporation)
    DRV - (Thpdrv) -- C:\Windows\System32\drivers\thpdrv.sys (TOSHIBA Corporation)
    DRV - (PGEffect) -- C:\Windows\System32\drivers\PGEffect.sys (TOSHIBA Corporation)
    DRV - (TVALZFL) -- C:\Windows\System32\drivers\TVALZFL.sys (TOSHIBA Corporation)
    DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
    DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
    DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAU


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found
    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAU_enNZ398NZ398
    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-985302526-3885216461-293028738-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jennifer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jennifer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C1CA7765-44E4-452e-9D00-A04F3D434281}: C:\Program Files\TOSHIBA\TFPU\FirefoxAddin [2010/11/06 06:12:51 | 000,000,000 | ---D | M]

    [2012/05/22 20:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jennifer\AppData\Roaming\Mozilla\Extensions

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jennifer\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - Extension: Foxit Toolbar = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoiagmlcohkmjodefppbmpjdiocmh\7.15.1.22688_0\
    CHR - Extension: BIODIGITAL HUMAN = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
    CHR - Extension: Task Timer = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomfjmibjhhfdenfkpaodhnlhkolngif\3.7.3_0\
    CHR - Extension: Google Drive = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6_0\
    CHR - Extension: Turn Off the Lights = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.106_0\
    CHR - Extension: YouTube = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Adblock Plus (Beta) = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
    CHR - Extension: ScreenSh00ter = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjamodcfmindeooalnaodbgbckflcfgb\1.2.0.2_0\
    CHR - Extension: Google Search = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Read Later Fast = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.4.6_0\
    CHR - Extension: Offline Google Mail = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.18_0\
    CHR - Extension: Google Calendar = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
    CHR - Extension: Google Finance = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp\1.1_0\
    CHR - Extension: AdBlock = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.37_0\
    CHR - Extension: PDF Mergy = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha\0.4.0_0\
    CHR - Extension: Cloud Reader = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\
    CHR - Extension: BookedIN Appointment Scheduler = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iheobladblmphoggmehhahdfikpbilnj\1.0.15_0\
    CHR - Extension: Clearly = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj\6.3337.321.633_1\
    CHR - Extension: Citable = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfiabcklnnhkmkcdjjpmgghiimjkaeio\1.5_0\
    CHR - Extension: Zoho Sheet = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhegddohmncgelkehhnigphmloinkinj\1.2_0\
    CHR - Extension: Calc-Sheet = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinolkpkhpfipbnbedghadcpndobgiba\1.2_0\
    CHR - Extension: Universo = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\joamekpghmpmbpcjjfpmfjhenhpidmep\1.2_0\
    CHR - Extension: OpenOffice Document Reader = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcfmmdlhndnfpagbmhbbfehenapoich\3_0\
    CHR - Extension: Wordmark.it = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbpdmjdjcgpciedkahfcidpojchnooij\1.12_0\
    CHR - Extension: Autodesk Homestyler = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
    CHR - Extension: Wave Accounting = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa\1.9.1_0\
    CHR - Extension: Skype Click to Call = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\
    CHR - Extension: Sketchpad = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkllajgbhondgjjnhmmgbjndmogapinp\1.0.0.1_0\
    CHR - Extension: Chrome Reader = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lojpenhmoajbiciapkjkiekmobleogjc\1.2_0\
    CHR - Extension: MagicCube FeedStore for Google Reader = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafnkhhfaadhhhdcijjnajeceeppebdg\1.1_0\
    CHR - Extension: Scraper = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd\1.6_0\
    CHR - Extension: Chat for Google = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\1.2012.606.2_0\
    CHR - Extension: RSS Subscription Extension (by Google) = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\
    CHR - Extension: Photo Collage = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiabhgfgfhoilflkoicbmnejgjjfmhcg\1_0\
    CHR - Extension: Evernote Web Clipper = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.5.1_0\
    CHR - Extension: Google Reader = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.3_0\
    CHR - Extension: Gmail = C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2012/07/01 23:43:36 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (TFPUPWDBankBHO Class) - {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\TFPU\TFPUPWDBankBHO.dll (TODO: <Company name>)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TFPUPWDBankService] C:\Program Files\TOSHIBA\TFPU\TFPUPWDBank.exe (TOSHIBA)
    O4 - HKLM..\Run: [TFPUService] C:\Program Files\TOSHIBA\TFPU\TFPUTaskMonitor.exe (TOSHIBA)
    O4 - HKLM..\Run: [TNRotate] C:\Program Files\TOSHIBA\TNROTATE\TNROTATE.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TOSDCR] C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe ()
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosVolRegulator] C:\Windows\TosVolRegulator.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TUSBSleepChargeSrv] C:\Program Files\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe (TOSHIBA)
    O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
    O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [EPSON Artisan 720 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIGYA.EXE (SEIKO EPSON CORPORATION)
    O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [RegZooka] "C:\Program Files\RegZooka\RegZooka.exe" File not found
    O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\Andrew - School\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O4 - Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O4 - Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jennifer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O4 - Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
    O4 - Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O4 - Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PersonalBrain.lnk = File not found
    O4 - Startup: C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O4 - Startup: C:\Users\SteveW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\S-1-5-21-985302526-3885216461-293028738-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-985302526-3885216461-293028738-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKU\S-1-5-21-985302526-3885216461-293028738-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.4.0)
    O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_04)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_04)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F64F89A-84F1-47A2-AB63-080EDA8655A0}: DhcpNameServer = 203.97.78.43 203.97.78.44 203.97.78.44 203.97.78.43
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DF5FB4E-1F23-4127-B7ED-8A15C224BF83}: NameServer = 0.0.0.0
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1608E79-C941-4EC6-B359-B49DCD4347C7}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/11 09:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (MACHINE BootExecut)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/02 10:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/07/02 09:52:41 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Jennifer\Desktop\esetsmartinstaller_enu.exe
    [2012/07/01 23:43:30 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/07/01 20:39:03 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Jennifer\Desktop\OTL.exe
    [2012/07/01 20:24:28 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Jennifer\Desktop\dds.scr
    [2012/07/01 20:08:13 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\DeBugging Files
    [2012/07/01 13:35:49 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Jennifer\Desktop\aswMBR.exe
    [2012/06/29 03:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    [2012/06/29 03:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2012/06/29 03:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
    [2012/06/29 03:15:27 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
    [2012/06/29 03:15:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2012/06/29 03:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
    [2012/06/28 01:41:46 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Roaming\Malwarebytes
    [2012/06/28 01:41:41 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
    [2012/06/28 01:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/06/28 01:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/06/28 01:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/06/26 23:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
    [2012/06/26 23:43:35 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
    [2012/06/26 23:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Dumps
    [2012/06/26 21:37:55 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Local\Macromedia
    [2012/06/23 14:38:12 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Dropbox -- Not On (BACKUP)
    [2012/06/23 13:40:40 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\MY BACKUPS
    [2012/06/23 11:57:23 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\Temp- to Upload to Evernote
    [2012/06/22 12:38:23 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
    [2012/06/22 12:38:22 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
    [2012/06/22 12:37:35 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
    [2012/06/22 12:37:35 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
    [2012/06/22 12:37:35 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
    [2012/06/22 12:35:46 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
    [2012/06/22 12:35:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
    [2012/06/20 17:27:32 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Local\SpyZooka
    [2012/06/16 23:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
    [2012/06/16 23:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2012/06/16 22:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2012/06/16 22:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2012/06/14 00:30:01 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
    [2012/06/14 00:29:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
    [2012/06/14 00:29:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
    [2012/06/14 00:29:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
    [2012/06/14 00:29:58 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
    [2012/06/14 00:29:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
    [2012/06/14 00:29:57 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
    [2012/06/13 13:34:43 | 002,343,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
    [2012/06/13 13:34:23 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
    [2012/06/13 13:34:21 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
    [2012/06/13 13:34:13 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
    [2012/06/12 21:42:18 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\Desktop\Backup to Evernote
    [2012/06/12 21:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\KeePass Password Safe 2
    [2012/06/06 09:34:58 | 000,000,000 | ---D | C] -- C:\Users\Jennifer\AppData\Roaming\Spyzooka
    [2012/06/06 01:45:19 | 000,000,000 | ---D | C] -- C:\Program Files\SpyZooka
    [2012/06/06 00:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\RegZooka
    [2012/06/06 00:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Registry Cleaner
    [2012/06/04 20:46:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

    ========== Files - Modified Within 30 Days ==========

    [2012/07/02 18:19:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-985302526-3885216461-293028738-1004UA.job
    [2012/07/02 17:59:00 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/02 17:44:00 | 000,000,920 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-985302526-3885216461-293028738-1007UA.job
    [2012/07/02 17:29:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
    [2012/07/02 10:59:05 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/07/02 09:58:23 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Jennifer\Desktop\esetsmartinstaller_enu.exe
    [2012/07/02 08:56:07 | 000,017,504 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/07/02 08:56:07 | 000,017,504 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/07/02 08:46:09 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2012/07/02 08:46:00 | 1447,366,656 | -HS- | M] () -- C:\hiberfil.sys
    [2012/07/02 00:06:21 | 000,000,883 | ---- | M] () -- C:\Users\Jennifer\Desktop\NTREGOPT.lnk
    [2012/07/01 23:43:36 | 000,000,098 | ---- | M] () -- C:\windows\System32\drivers\etc\Hosts
    [2012/07/01 22:19:00 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-985302526-3885216461-293028738-1004Core.job
    [2012/07/01 20:42:15 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Jennifer\Desktop\OTL.exe
    [2012/07/01 20:24:28 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Jennifer\Desktop\dds.scr
    [2012/07/01 19:58:00 | 262,186,676 | ---- | M] () -- C:\windows\MEMORY.DMP
    [2012/07/01 18:44:00 | 000,000,868 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-985302526-3885216461-293028738-1007Core.job
    [2012/07/01 13:50:17 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Jennifer\Desktop\aswMBR.exe
    [2012/07/01 13:25:35 | 000,000,000 | -H-- | M] () -- C:\Users\Jennifer\Documents\Default.rdp
    [2012/06/30 20:55:45 | 000,002,423 | ---- | M] () -- C:\Users\Jennifer\Desktop\Google Chrome.lnk
    [2012/06/29 03:21:43 | 000,001,211 | ---- | M] () -- C:\Users\Jennifer\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2012/06/29 03:21:43 | 000,001,187 | ---- | M] () -- C:\Users\Jennifer\Desktop\Spybot - Search & Destroy.lnk
    [2012/06/29 03:15:07 | 000,001,045 | ---- | M] () -- C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/06/29 03:15:00 | 000,000,846 | ---- | M] () -- C:\Users\Jennifer\Desktop\ERUNT.lnk
    [2012/06/28 01:41:42 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/28 01:23:26 | 000,204,187 | ---- | M] () -- C:\ProgramData\1340803125.bdinstall.bin
    [2012/06/27 07:41:12 | 000,773,830 | ---- | M] () -- C:\windows\System32\perfh009.dat
    [2012/06/27 07:41:12 | 000,166,964 | ---- | M] () -- C:\windows\System32\perfc009.dat
    [2012/06/27 02:34:35 | 000,001,064 | ---- | M] () -- C:\Users\Jennifer\Desktop\OpenOffice.org Writer.lnk
    [2012/06/27 02:34:26 | 000,001,424 | ---- | M] () -- C:\Users\Jennifer\Desktop\Internet Explorer.lnk
    [2012/06/27 02:33:56 | 000,000,972 | ---- | M] () -- C:\Users\Jennifer\Desktop\MediaMonkey.lnk
    [2012/06/27 02:18:45 | 000,007,624 | -H-- | M] () -- C:\Users\Jennifer\AppData\Local\resmon.resmoncfg
    [2012/06/27 01:44:35 | 000,000,385 | ---- | M] () -- C:\windows\System32\user_gensett.xml
    [2012/06/27 00:59:09 | 000,249,786 | ---- | M] () -- C:\ProgramData\1340710945.bdinstall.bin
    [2012/06/26 23:50:19 | 000,000,000 | -H-- | M] () -- C:\windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
    [2012/06/26 21:45:30 | 000,001,256 | ---- | M] () -- C:\Users\Jennifer\Desktop\Paint.lnk
    [2012/06/25 23:45:16 | 000,000,052 | ---- | M] () -- C:\windows\System32\ashttpstats.csv
    [2012/06/25 23:43:57 | 000,000,121 | ---- | M] () -- C:\windows\bdagent.INI
    [2012/06/25 23:19:08 | 000,000,139 | ---- | M] () -- C:\ProgramData\search_result.xml
    [2012/06/25 19:29:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
    [2012/06/25 19:29:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
    [2012/06/16 23:05:08 | 000,001,764 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/06/14 22:33:50 | 000,437,920 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
    [2012/06/12 21:31:11 | 000,001,074 | ---- | M] () -- C:\Users\Jennifer\Desktop\KeePass 2.lnk
    [2012/06/10 14:11:23 | 000,007,334 | ---- | M] () -- C:\Users\Jennifer\New OpenDocument Text.odt
    [2012/06/06 11:19:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2012/06/06 11:19:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2012/06/04 20:46:12 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/06/03 10:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
    [2012/06/03 10:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wups.dll
    [2012/06/03 10:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
    [2012/06/03 10:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
    [2012/06/03 10:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll

    ========== Files Created - No Company Name ==========

    [2012/07/02 00:06:21 | 000,000,883 | ---- | C] () -- C:\Users\Jennifer\Desktop\NTREGOPT.lnk
    [2012/07/01 13:25:35 | 000,000,000 | -H-- | C] () -- C:\Users\Jennifer\Documents\Default.rdp
    [2012/06/29 03:21:43 | 000,001,211 | ---- | C] () -- C:\Users\Jennifer\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2012/06/29 03:21:43 | 000,001,187 | ---- | C] () -- C:\Users\Jennifer\Desktop\Spybot - Search & Destroy.lnk
    [2012/06/29 03:15:07 | 000,001,045 | ---- | C] () -- C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2012/06/29 03:15:00 | 000,000,846 | ---- | C] () -- C:\Users\Jennifer\Desktop\ERUNT.lnk
    [2012/06/28 01:41:42 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/28 01:23:26 | 000,204,187 | ---- | C] () -- C:\ProgramData\1340803125.bdinstall.bin
    [2012/06/27 02:34:35 | 000,001,064 | ---- | C] () -- C:\Users\Jennifer\Desktop\OpenOffice.org Writer.lnk
    [2012/06/27 02:34:26 | 000,001,424 | ---- | C] () -- C:\Users\Jennifer\Desktop\Internet Explorer.lnk
    [2012/06/27 02:33:56 | 000,000,972 | ---- | C] () -- C:\Users\Jennifer\Desktop\MediaMonkey.lnk
    [2012/06/27 01:44:35 | 000,000,385 | ---- | C] () -- C:\windows\System32\user_gensett.xml
    [2012/06/27 00:59:09 | 000,249,786 | ---- | C] () -- C:\ProgramData\1340710945.bdinstall.bin
    [2012/06/26 23:50:19 | 000,000,000 | -H-- | C] () -- C:\windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
    [2012/06/26 21:45:30 | 000,001,256 | ---- | C] () -- C:\Users\Jennifer\Desktop\Paint.lnk
    [2012/06/25 23:43:22 | 000,000,121 | ---- | C] () -- C:\windows\bdagent.INI
    [2012/06/16 23:05:08 | 000,001,764 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/06/12 21:31:11 | 000,001,086 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
    [2012/06/12 21:31:11 | 000,001,074 | ---- | C] () -- C:\Users\Jennifer\Desktop\KeePass 2.lnk
    [2012/06/10 14:11:22 | 000,007,334 | ---- | C] () -- C:\Users\Jennifer\New OpenDocument Text.odt
    [2012/06/06 11:19:40 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2012/06/06 11:19:40 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2012/06/04 20:46:12 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2012/04/12 08:42:24 | 000,007,624 | -H-- | C] () -- C:\Users\Jennifer\AppData\Local\resmon.resmoncfg
    [2012/04/07 01:28:49 | 000,000,139 | ---- | C] () -- C:\ProgramData\search_result.xml
    [2012/03/17 21:57:18 | 000,000,872 | -H-- | C] () -- C:\Users\Jennifer\.recently-used.xbel
    [2012/03/17 16:48:33 | 000,000,051 | ---- | C] () -- C:\windows\EPART725.ini
    [2012/02/20 15:05:55 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
    [2011/10/04 14:18:18 | 000,000,632 | RHS- | C] () -- C:\Users\Jennifer\ntuser.pol
    [2011/09/30 20:40:10 | 000,000,129 | -H-- | C] () -- C:\Users\Jennifer\jagex_runescape_preferences2.dat
    [2011/09/30 20:36:55 | 000,000,035 | -H-- | C] () -- C:\Users\Jennifer\jagex_runescape_preferences.dat
    [2011/07/28 12:59:29 | 000,000,000 | -H-- | C] () -- C:\Users\Jennifer\AppData\Local\{53E59F28-031B-428E-8EB9-86DD78071963}
    [2011/06/04 22:57:42 | 000,000,000 | ---- | C] () -- C:\windows\System32\imwords.dat
    [2011/06/04 22:57:42 | 000,000,000 | ---- | C] () -- C:\windows\System32\im_markovian.dat
    [2011/04/06 16:39:35 | 000,193,536 | -H-- | C] () -- C:\Users\Jennifer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/04/05 09:28:41 | 000,000,000 | ---- | C] () -- C:\windows\System32\imblacklist.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords2.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pcwords.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_webproxy.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_video.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_tabloids.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_socialnetworks.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_searchengines.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_regionaltlds.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_pornography.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlineshop.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinepay.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_onlinedating.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_news.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_im.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_illegal.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_hate.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_games.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_gambling.dat
    [2011/04/04 11:17:09 | 000,000,000 | ---- | C] () -- C:\windows\System32\pc_drugs.dat
    [2011/03/24 18:39:13 | 000,087,552 | ---- | C] () -- C:\windows\System32\cpwmon2k.dll
    [2010/07/28 21:01:14 | 000,127,868 | ---- | C] () -- C:\windows\System32\igcompkrng575.bin
    [2010/07/28 21:01:12 | 000,104,796 | ---- | C] () -- C:\windows\System32\igfcg575m.bin
    [2010/07/28 21:01:10 | 000,870,560 | ---- | C] () -- C:\windows\System32\igkrng575.bin
    [2010/07/28 20:20:56 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
    [2010/03/29 18:40:20 | 000,100,256 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe

    ========== LOP Check ==========

    [2012/05/06 15:02:26 | 000,000,000 | ---D | M] -- C:\Users\Andrew - School\AppData\Roaming\BitDefender
    [2012/05/06 15:04:18 | 000,000,000 | ---D | M] -- C:\Users\Andrew - School\AppData\Roaming\Epson
    [2012/05/06 15:33:21 | 000,000,000 | ---D | M] -- C:\Users\Andrew - School\AppData\Roaming\TFPU
    [2011/04/25 17:37:16 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\BitDefender
    [2011/04/25 17:38:19 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Hyperionics
    [2011/03/01 15:54:26 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\OpenOffice.org
    [2011/03/01 15:54:36 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\TFPU
    [2011/06/21 09:54:43 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Thunderbird
    [2011/05/14 18:13:27 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\WildTangent
    [2011/06/21 09:52:16 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Workrave
    [2011/12/02 12:28:32 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\.minecraft
    [2012/05/23 02:40:45 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\ACD Systems
    [2012/04/14 02:24:39 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\AnvSoft
    [2012/07/02 08:48:37 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Dropbox
    [2011/12/07 07:40:48 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\EPSON
    [2012/05/30 20:15:39 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Foxit Software
    [2012/04/13 22:56:00 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\HandBrake
    [2011/04/16 22:20:38 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Hyperionics
    [2012/07/01 23:23:26 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\KeePass
    [2011/10/10 20:38:03 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Leadertech
    [2012/04/14 01:36:47 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\OpenCandy
    [2011/03/01 13:08:09 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\OpenOffice.org
    [2011/03/10 12:49:13 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\PaperTigerApplicationData
    [2012/03/22 23:37:18 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\PDF Pro 10
    [2012/04/27 18:44:54 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\PersonalBrain
    [2011/04/04 11:04:53 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\QuickScan
    [2012/06/21 23:13:00 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Spyzooka
    [2011/02/11 19:40:03 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\TFPU
    [2012/06/27 00:53:29 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\Thunderbird
    [2012/04/12 08:41:34 | 000,000,000 | ---D | M] -- C:\Users\Jennifer\AppData\Roaming\toshiba
    [2011/10/26 19:08:56 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\BitDefender
    [2011/12/04 17:48:08 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\Hyperionics
    [2011/12/04 17:48:37 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\OpenOffice.org
    [2011/10/26 19:11:59 | 000,000,000 | ---D | M] -- C:\Users\Ryan\AppData\Roaming\TFPU
    [2011/12/30 09:03:38 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\.minecraft
    [2011/10/26 19:26:39 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\ACD Systems
    [2011/05/05 20:13:06 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\BitDefender
    [2010/11/01 19:02:49 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/12/08 19:18:02 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\Epson
    [2011/05/05 20:14:26 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\Hyperionics
    [2010/11/01 19:03:55 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\OpenOffice.org
    [2010/09/25 17:55:53 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\TFPU
    [2010/12/01 23:34:24 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\Tific
    [2011/12/27 19:46:52 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\TOSHIBA
    [2010/09/29 19:23:38 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\WildTangent
    [2010/11/06 06:11:51 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\WinBatch
    [2010/09/26 20:31:19 | 000,000,000 | ---D | M] -- C:\Users\SteveW\AppData\Roaming\Wireshark
    [2012/05/12 10:14:04 | 000,032,630 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >

  4. #14
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    We just missed one entry by ASK and I am also including entries for BitDefender, SpyZooka and RegZooka as you stated you uninstalled them.


    Also, tracking cookies would not slow your system down but running a system cleaner to clean out all the temp files and Temporary Internet files will help. When we ran OTL last time it did clean all those out and will do so again this time. I am going to include a nice system cleaner for you, maybe run it twice a month or so, but after running the OTL fix there is no need to run it now.


    As long as you got ESET to run there really is no need to run Housecall.


    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :processes
      killallprocesses
      
      
      :OTL
      O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
      O4 - HKU\S-1-5-21-985302526-3885216461-293028738-1007..\Run: [RegZooka] "C:\Program Files\RegZooka\RegZooka.exe" File not found
      
      :Services
      
      :Reg
      
      :Files
      C:\Program Files\Bitdefender
      C:\Users\Jennifer\AppData\Local\SpyZooka
      C:\Users\Jennifer\AppData\Roaming\Spyzooka
      C:\Program Files\SpyZooka
      C:\Program Files\RegZooka
      
      
      :Commands
      [CLEARALLRESTOREPOINTS]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces.






    This cleaner is by the same author as OTL, he is a malware fighter and logs on as OldTimer, this is free and yours to keep


    Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish its job
    • Once it's finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean





    How are things running now, any better?

  5. #15
    Junior Member
    Join Date
    Jun 2012
    Location
    New Zealand
    Posts
    24

    Default HouseCall

    Since it'd taken so long to download HouseCall, I went ahead and ran it anyway. It came back with no threats found (was the Quick scan). It had a little red checkbox next to conficker at the bottom, which I just read an unsettling 4 pg article about. Does that mean HouseCall (and other programs) are able to confidently scan for this?

    Okay, on to your fixes. By the way, I'd like to uninstall the uTorrent and NTREGOPT which accidentally got installed. Is it fine to do this after I finish with your fix?

    Thanks

  6. #16
    Junior Member
    Join Date
    Jun 2012
    Location
    New Zealand
    Posts
    24

    Default OTE Fix Log

    TrendMicro is wanting to run on startup. Should I uninstall this?
    Here's the OTE Fix Log...
    ================================

    All processes killed
    ========== PROCESSES ==========
    ========== OTL ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    Registry value HKEY_USERS\S-1-5-21-985302526-3885216461-293028738-1007\Software\Microsoft\Windows\CurrentVersion\Run\\RegZooka deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Program Files\Bitdefender folder moved successfully.
    C:\Users\Jennifer\AppData\Local\SpyZooka\Reports folder moved successfully.
    C:\Users\Jennifer\AppData\Local\SpyZooka folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka\Q6620121118270 folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka\Q6620121117440 folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka\Q62120121113000 folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka\Q6202012825310 folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka\Q6202012527490 folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka\Q6062012934580 folder moved successfully.
    C:\Users\Jennifer\AppData\Roaming\Spyzooka folder moved successfully.
    C:\Program Files\SpyZooka folder moved successfully.
    C:\Program Files\RegZooka\Backups folder moved successfully.
    C:\Program Files\RegZooka folder moved successfully.
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point

    [EMPTYTEMP]

    User: All Users

    User: Andrew - School
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Jennifer
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 6294580 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 6322851 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Ryan
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: SteveW
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 533246 bytes
    RecycleBin emptied: 2067639 bytes

    Total Files Cleaned = 15.00 mb


    OTL by OldTimer - Version 3.2.53.0 log created on 07022012_222402

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
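
An added example, not part of the original posts and not OldTimer's code: a cross-check that every path listed under `:Files` in the fix script from post #14 is confirmed by a "folder moved successfully." line in the fix log from post #16. The function names and the embedded samples (constructed excerpts of the two posts, plus a constructed variant with one line dropped) are assumptions; only the folder form of the log line appears in this thread, so only that form is matched.

```python
import re

# Constructed excerpt of the fix script posted in #14.
FIX_SCRIPT = r"""
:processes
killallprocesses
:Files
C:\Program Files\Bitdefender
C:\Users\Jennifer\AppData\Local\SpyZooka
C:\Users\Jennifer\AppData\Roaming\Spyzooka
C:\Program Files\SpyZooka
C:\Program Files\RegZooka
:Commands
[emptytemp]
[Reboot]
"""

# Constructed excerpt of the fix log posted in #16.
FIX_LOG = r"""
========== FILES ==========
C:\Program Files\Bitdefender folder moved successfully.
C:\Users\Jennifer\AppData\Local\SpyZooka\Reports folder moved successfully.
C:\Users\Jennifer\AppData\Local\SpyZooka folder moved successfully.
C:\Users\Jennifer\AppData\Roaming\Spyzooka folder moved successfully.
C:\Program Files\SpyZooka folder moved successfully.
C:\Program Files\RegZooka\Backups folder moved successfully.
C:\Program Files\RegZooka folder moved successfully.
========== COMMANDS ==========
"""

# Constructed variant: the parent RegZooka line is missing, the subfolder line is not.
PARTIAL_LOG = FIX_LOG.replace(
    r"C:\Program Files\RegZooka folder moved successfully." + "\n", "")

MOVED = re.compile(r"^(.+) folder moved successfully\.$")

def script_section(script, name):
    """Return the non-empty lines of one ':Name' section of a fix script."""
    lines, active = [], False
    for raw in script.splitlines():
        line = raw.strip()
        if line.startswith(":"):          # a new section header switches context
            active = line[1:].lower() == name.lower()
        elif active and line:
            lines.append(line)
    return lines

def moved_paths(log):
    """Paths the log reports as moved, lower-cased (Windows paths ignore case)."""
    return {m.group(1).lower() for line in log.splitlines()
            if (m := MOVED.match(line.strip()))}

def unconfirmed(script, log):
    """':Files' targets with no matching 'moved successfully' line in the log."""
    done = moved_paths(log)
    return [p for p in script_section(script, "Files") if p.lower() not in done]

if __name__ == "__main__":
    print("unconfirmed in posted log:", unconfirmed(FIX_SCRIPT, FIX_LOG))
    print("unconfirmed in variant:   ", unconfirmed(FIX_SCRIPT, PARTIAL_LOG))
```

A subfolder line alone does not confirm its parent, which is why the variant log still reports `C:\Program Files\RegZooka` as unconfirmed.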

  7. #17
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Yes, you can uninstall them both, also ESET

    Housecall came back ok so looks like you're on your way
    Last edited by ken545; 2012-07-02 at 13:07.

  8. #18
    Junior Member
    Join Date
    Jun 2012
    Location
    New Zealand
    Posts
    24

    Default All Done, But...

    Morning to You,

    Maybe this isn't a malware issue, but something with my system. Restarts seem slow to me, but it's been so long since I've had a good system, I'm not sure what it should be. As soon as I restarted, I opened up my Task Manager and looked at my performance. This computer only has 1.8 GB RAM and before I opened any programs, my Physical Memory was at 78% (now about 85% with Chrome running). I don't know what info to give you, but here's what I see:

    Physical Memory
    Total 1840
    Cached 308
    Available 345
    Free 39

    So, what's happened in the past is that once I get several tabs opened and a few applications running (which is how I work best), things start to deteriorate. On a positive note, through this process, I've had my computer running for extended periods of time (downloading & scanning) with only a few hangs, which is an enormous improvement. I've not yet seen the funny black screen which erases to reveal my desktop when I roll my mouse around. But, I'm heading to bed now, so it won't get much of a test until tomorrow.

    Thank you so much for your help so far. Oh, my Windows message center continues to tell me I don't have virus protection. Is there a recommended program for real-time malware protection, or should I just run SpyBot and Malwarebytes daily? I suppose I could buy something if it's needed.

    Where should I go to get GOOD advice (have had plenty of inconsistent advice) on safe computing habits (especially in regards to browsers, shared devices over our wifi, scanning of external drives, flexible incremental backup software that can back external to external, etc)?

    I don't want to use this forum inappropriately, I just know that an ounce of prevention's worth a pound of cure, and there's SO MUCH misinformation out there.

    Thanks,
    Kiwikay

  9. #19
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    I am tied up at work at the moment but late afternoon I will be back online and we can go through some security information

  10. #20
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    Long day, sorry for the late reply

    1. Don't ever, ever use any form of File Sharing, you can infect your computer big time, the programs themselves are safe, it's just the files you're downloading, you never know where they are coming from and some can be infected.


    2. Just delete any spam email, don't even open them as some are coded and the author will know your email is valid and you will get more spam, almost 99.9% of the links in Spam email will take you to a bogus site that can infect you.


    3. Keep your Java up to date, outdated Java can let the bad guys in. Go to Start > Control Panel > Java then go to the General Tab > About and you should have Version 7 Update 5 (which you don't) so then go to the Update Tab and let it update, then you can go back into the Control Panel > Add Remove Programs and uninstall all older Java updates except Version 7 Update 5.


    4. Malwarebytes, you have the free version which is fine but if you updated to the Pro version, it has a protection Module that will block bad websites from loading, the cost is minimal, a one time small fee and the program is yours, if you got rid of this computer, you could uninstall Malwarebytes and then reinstall it on your new one and use the same key code for the protection module, but this of course is your decision.

    5. To put your mind at ease over Conficker, you can take this quick test. You're not infected with it so not to worry
    http://www.confickerworkinggroup.org...feyechart.html


    6. You can keep Spybot Search and Destroy but if you update Malwarebytes then disable the TeaTimer or they will conflict

    • Run Spybot-S&D in Advanced Mode.
    • If it is not already set to do this Go to the Mode menu select "Advanced Mode"
    • On the left hand side, Click on Tools
    • Then click on the Resident Icon in the List
    • Uncheck "Resident TeaTimer" and OK any prompts.
    • Restart your computer.<--You need to do this for it to take effect




    7. Antivirus software, you only need one, more than one is overkill and can severely hamper system performance, just keep it updated and run weekly scans.
    My choice would be Norton Internet Security, it contains Anti Virus, anti Malware and a Firewall

    http://buy-static.norton.com/norton/...356&country=US


    Or you can install the free one by Microsoft.....Microsoft Security Essentials.

    http://www.microsoft.com/en-us/downl...s.aspx?id=5201



    8. I don't know how old your system is but you're lacking adequate memory, adding more memory is the best way to update your system, this is the site I use, you can have them scan your system and it will tell you what you have and what you can upgrade to, it's a simple upgrade, if you have never been inside your computer case I am sure you can find a local high school kid to do it for you, use the Crucial memory advisor, it's safe to download and run

    http://www.crucial.com/?gclid=CM_fyJ...120702210839:s


    9. On my system, I have Norton Internet Security, Malwarebytes Pro Version, Spybot Search and Destroy (TeaTimer disabled). This is all I really need, don't listen to friends that tell you you need to install this or that, you can really bog down your system if you install too much

    10. Stay away from Registry cleaners, if you run it and it removes unwanted entries you will see no difference in system performance, if it removes the wrong entry or entries it can leave your system unbootable





    Safe Surfn
    Ken
    Last edited by ken545; 2012-07-02 at 23:22.