Solved google redirect for windows 7 64bit

Discussion in 'Malware and Virus Removal Archive' started by jabdude84, 2010/10/25.

  1. 2010/10/25
    jabdude84 Inactive Thread Starter

    Joined:
    2010/10/25
    Messages:
    59
    Likes Received:
    0
    [Resolved] google redirect for windows 7 64bit

    I have been plagued by the Google redirect virus for about a month or so. I have run Malwarebytes and Spybot; nothing seems to work. I attempted to run ComboFix, but it doesn't work for Windows 7 64-bit. Please, your help would be greatly appreciated.
     
  2. 2010/10/25
    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard :)

    Please, read this post, then post the requested log(s).
     

  4. 2010/10/26
    jabdude84 Inactive Thread Starter

    Joined:
    2010/10/25
    Messages:
    59
    Likes Received:
    0
    DDS (Ver_10-10-21.02) - NTFS_AMD64
    Run by dabradfords at 7:28:58.99 on Tue 10/26/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.2159 [GMT -4:00]

    SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\iWin Games\iWinTrusted.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Users\dabradfords\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Java\jre6\bin\jucheck.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\PrintIsolationHost.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\dabradfords\Desktop\dds.scr
    C:\Windows\system32\conhost.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.comcast.net/
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
    uSearch Bar = hxxp://www.google.com
    mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
    mSearch Bar = hxxp://www.google.com
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: H - No File
    uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn1.dll
    uURLSearchHooks: H - No File
    mURLSearchHooks: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files (x86)\P2P_Energy\tbP2P_.dll
    mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn1.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files (x86)\P2P_Energy\tbP2P_.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
    BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn1.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    TB: P2P Energy Toolbar: {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files (x86)\P2P_Energy\tbP2P_.dll
    TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyn1.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB: {9055B55A-8C44-4895-9E9A-3389683E0E89} - No File
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [PlayNC Launcher]
    uRun: [SansaDispatch] C:\Users\dabradfords\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    uRun: [<NO NAME>]
    uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe "
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [PCSnapShot] "C:\SUBLIME\AUDIO_TS\PCSnapShot\PCSS.exe "
    mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam "
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover "
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe "
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe "
    mRun: [PCSnapShot] "C:\SUBLIME\AUDIO_TS\PCSnapShot\PCSS.exe "
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe "
    mRun: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
    uPolicies-system: WallpaperStyle = 2
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    dPolicies-system: WallpaperStyle = 2
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
    DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe "
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    TB-X64: {2BAE58C2-79F9-45D1-A286-81F911301C3A} - No File
    TB-X64: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: {9055B55A-8C44-4895-9E9A-3389683E0E89} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
    mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
    mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
    mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\DABRAD~1\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.comcast.net/
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
    FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
    FF - component: C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
    FF - component: C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: C:\Users\dabradfords\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

    ---- FIREFOX POLICIES ----
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--fiqz9s ", true); // Traditional
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--fiqs8s ", true); // Simplified
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--j6w193g ", true);
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4a87g ", true);
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbqly7c0a67fbc ", true);
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbqly7cvafr ", true);
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--kpry57d ", true); // Traditional
    C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--kprw13d ", true); // Simplified

    ============= SERVICES / DRIVERS ===============

    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0308000.029\SymEFA64.sys [2010-5-12 402992]
    R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\N360x64\0308000.029\BHDrvx64.sys [2010-5-12 334384]
    R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\0308000.029\cchpx64.sys [2010-5-12 583296]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101025.001\IDSviA64.sys [2010-10-19 476720]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-8-25 89600]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2009-7-8 30520]
    R2 iWinTrusted;iWinTrusted;C:\Program Files (x86)\iWin Games\iWinTrusted.exe [2009-11-24 78104]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2010-5-12 117640]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-8-29 1153368]
    R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [2010-9-2 206120]
    R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [2010-9-2 185640]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-9 228408]
    R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
    R3 EraserUtilDrv11010;EraserUtilDrv11010;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11010.sys [2010-10-23 132656]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-12-28 139264]
    R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\drivers\N360x64\0308000.029\symndisv.sys [2010-5-12 56880]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-25 135664]
    S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe --> C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [?]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 rcmirror;rcmirror;C:\Windows\System32\drivers\rcmirror.sys [2008-10-9 5120]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-17 294400]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-4-19 50688]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-18 1255736]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

    =============== Created Last 30 ================

    2010-10-25 15:09:57 -------- d-----w- C:\Program Files (x86)\Frontline Registry Cleaner
    2010-10-22 14:14:00 -------- d-----w- C:\Users\DABRAD~1\AppData\Local\Citrix
    2010-10-22 14:13:57 103720 ----a-w- C:\Users\dabradfords\GoToAssistDownloadHelper.exe
    2010-10-22 13:36:26 8724992 ----a-w- C:\Windows\VzInHomeAgentInstaller.msi
    2010-10-22 13:32:54 -------- d-----w- C:\Users\DABRAD~1\AppData\Local\SupportSoft
    2010-10-22 13:32:26 -------- d-----w- C:\Program Files (x86)\VERIZONDM
    2010-10-22 13:32:18 10118144 ----a-w- C:\Windows\VerizonDM.msi
    2010-10-22 13:31:57 -------- d-----w- C:\Program Files (x86)\Verizon
    2010-10-22 13:31:57 -------- d-----w- C:\Program Files (x86)\Common Files\SupportSoft
    2010-10-22 11:49:02 -------- d-----w- C:\Program Files (x86)\PC Tools Security
    2010-10-21 18:07:01 -------- d-----w- C:\Users\DABRAD~1\AppData\Roaming\Malwarebytes
    2010-10-21 18:06:52 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2010-10-21 18:06:51 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2010-10-21 18:06:50 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2010-10-21 18:06:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2010-10-18 18:53:51 12872 ----a-w- C:\Windows\System32\bootdelete.exe
    2010-10-18 18:48:51 19528 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
    2010-10-18 18:48:50 -------- d-----w- C:\Program Files\Hitman Pro 3.5
    2010-10-18 18:48:18 -------- d-----w- C:\PROGRA~3\Hitman Pro
    2010-10-18 09:32:59 7935824 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{9EF6D89D-BC66-4B2C-AABE-2BE7656E4231}\mpengine.dll
    2010-10-17 13:59:51 -------- d-----w- C:\Program Files (x86)\Common Files\iS3
    2010-10-17 13:59:51 -------- d-----w- C:\PROGRA~3\STOPzilla!
    2010-10-07 18:24:45 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
    2010-10-07 18:24:45 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
    2010-10-07 13:37:47 -------- d-----w- C:\PROGRA~3\PC Tools
    2010-10-07 02:39:34 -------- d-----w- C:\Program Files\iPod
    2010-10-07 02:39:33 -------- d-----w- C:\Program Files\iTunes
    2010-10-07 02:39:33 -------- d-----w- C:\Program Files (x86)\iTunes
    2010-10-07 02:35:31 -------- d-----w- C:\Program Files\Bonjour
    2010-10-07 02:35:31 -------- d-----w- C:\Program Files (x86)\Bonjour
    2010-09-29 11:22:15 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2010-09-29 11:22:15 2048 ----a-w- C:\Windows\System32\tzres.dll
    2010-09-29 11:20:36 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
    2010-09-29 11:20:36 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
    2010-09-26 15:45:39 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

    ==================== Find3M ====================

    2010-09-08 15:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
    2010-09-08 15:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
    2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
    2010-07-29 06:30:34 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll

    ============= FINISH: 7:29:57.60 ===============
     
  5. 2010/10/26
    jabdude84 Inactive Thread Starter

    Joined:
    2010/10/25
    Messages:
    59
    Likes Received:
    0
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-10-21.02)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/27/2009 10:35:19 PM
    System Uptime: 10/25/2010 7:46:18 AM (24 hours ago)

    Motherboard: Quanta | | 3627
    Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz | CPU | 2100/800mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 220 GiB total, 127.438 GiB free.
    D: is FIXED (NTFS) - 13 GiB total, 2.127 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet 6500 E709n
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Officejet 6500 E709n
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Officejet J4680 series
    Device ID: ROOT\MULTIFUNCTION\0002
    Manufacturer: HP
    Name: Officejet J4680 series
    PNP Device ID: ROOT\MULTIFUNCTION\0002
    Service:

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart C6300 series
    Device ID: ROOT\MULTIFUNCTION\0001
    Manufacturer: HP
    Name: Photosmart C6300 series
    PNP Device ID: ROOT\MULTIFUNCTION\0001
    Service:

    ==== System Restore Points ===================

    RP143: 10/5/2010 12:16:09 PM - Windows Update
    RP144: 10/7/2010 2:24:14 PM - Windows Update
    RP145: 10/10/2010 8:55:08 AM - Windows Update
    RP146: 10/17/2010 9:59:02 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP147: 10/17/2010 10:11:32 AM - StopZILLA! Restore Point.
    RP148: 10/18/2010 5:32:36 AM - Windows Update
    RP149: 10/18/2010 7:33:50 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP150: 10/25/2010 2:07:50 PM - Scheduled Checkpoint

    ==== Installed Programs ======================

    Accounts and Budget Freeware V6.0
    Acrobat.com
    Activate Norton Online Backup
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4
    Advertising Center
    Apple Application Support
    Apple Software Update
    Artist Colony
    Ask Toolbar
    AutoSave Essentials
    Avanquest update
    AviSynth 2.5
    Bee Garden
    Big Fish Games: Game Manager
    BitTornado 0.3.17
    BufferChm
    C6300
    Cake Mania: Lights, Camera, Action!
    Chocolatier
    Choice Guard
    Compatibility Pack for the 2007 Office system
    Coupon Printer for Windows
    CyberLink DVD Suite
    Destinations
    DeviceDiscovery
    Dragon Age: Origins
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    EA Download Manager
    EA Download Manager UI
    Farm Frenzy 3: American Pie
    Fiona Finch and the Finest Flowers
    Frontline Registry Cleaner
    GEAR driver installer for x86 and x64
    Google Chrome
    Google Earth
    Google Update Helper
    GPBaseService2
    Great Adventures: Lost in Mountains
    Homepage Protection
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MediaSmart DVD
    HP MediaSmart Internet TV
    HP MediaSmart Live TV
    HP MediaSmart Movie Themes
    HP MediaSmart Music/Photo/Video
    HP MediaSmart SlingPlayer
    HP MediaSmart Software Notebook Demo
    HP MediaSmart Webcam
    HP Quick Launch Buttons
    HP Setup
    HP Support Assistant
    HP Update
    HP User Guides 0154
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    HPPhotoGadget
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    IDT Audio
    iWin Games (remove only)
    Java(TM) 6 Update 17
    Jessica's Cupcake Cafe
    Junk Mail filter update
    LabelPrint
    Life Quest ™
    LightScribe System Software
    Logitech SetPoint
    Mall-a-Palooza
    Malwarebytes' Anti-Malware
    MarketResearch
    Microsoft Live Search Toolbar
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server Compact 3.5 SP1 English
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Works
    Microsoft WSE 3.0 Runtime
    Mozilla Firefox (3.6.11)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyInvoices & Estimates Deluxe
    NCsoft Launcher
    Nero 7 Ultra Edition
    Nero 9 Lite
    Nero ControlCenter
    Nero Installer
    Nero Online Upgrade
    Nero StartSmart
    neroxml
    Norton 360
    NVIDIA PhysX
    P2P_Energy Toolbar
    Power2Go
    PowerDirector
    PowerRecover
    PS_AIO_04_C6300_Software_Min
    QLBCASL
    QuickTime
    Realtek 8136 8168 8169 Ethernet Driver
    Realtek USB 2.0 Card Reader
    Restaurant Empire (remove only)
    Safari
    Sansa Updater
    Scan
    Security Update for 2007 Microsoft Office System (KB2277947)
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for 2007 Microsoft Office System (KB982312)
    Security Update for 2007 Microsoft Office System (KB982331)
    Security Update for Microsoft Office Excel 2007 (KB982308)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2251419)
    SlingBoxWatchYourTVAnyWhere
    Slingo Mystery (remove only)
    Slingo Mystery: Who's Gold
    SolutionCenter
    Spa Mania 2
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    Status
    Tango
    The Sims™ 3
    The Sims™ 3 Ambitions
    The Sims™ 3 High-End Loft Stuff
    Toolbox
    TrayApp
    Unity Web Player
    UnloadSupport
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Verizon Download Manager
    Videora iPod Converter 5.04
    Vz In Home Agent
    Walmart Photo Manager
    WebReg
    Wheel of Fortune 2
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Live Writer
    WinMX Music
    YouTube Downloader App 2.03
    Zynga Toolbar

    ==== Event Viewer Messages From Past Week ========

    10/22/2010 9:42:57 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.28. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
    10/22/2010 9:32:44 AM, Error: Service Control Manager [7030] - The SupportSoft Repair Service (verizondm) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    10/22/2010 9:32:42 AM, Error: Service Control Manager [7030] - The SupportSoft Sprocket Service (verizondm) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    10/22/2010 9:30:30 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AutoSave
    10/22/2010 9:29:24 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\Drivers\AutoSave.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    10/22/2010 7:30:05 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    10/22/2010 10:36:59 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.2.17. The computer with the IP address 192.168.2.8 did not allow the name to be claimed by this computer.
    10/22/2010 10:21:29 PM, Error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is COMPUTER-PC.
    10/20/2010 7:24:11 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.
    10/20/2010 6:28:12 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.100 with the system having network hardware address 00-24-8D-6F-6E-76. Network operations on this system may be disrupted as a result.
    10/19/2010 10:36:31 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

    ==== End Of File ===========================
     
  6. 2010/10/26
    broni

    broni Moderator Malware Analyst

    Download Malwarebytes' Anti-Malware (aka MBAM): http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    Be sure to restart the computer.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    =============================================================

    Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/


    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    • Close SUPERAntiSpyware.
    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    • Open SUPERAntiSpyware.
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Terminate memory threats before quarantining.
    • Click the "Close" button to leave the control center screen.
    • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    • On the left, make sure you check C:\Fixed Drive.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click "Next" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click Preferences, then click the Statistics/Logs tab.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Copy and paste the Scan Log results in your next reply with a new HijackThis log.
    • Click Close to exit the program.

    Post SUPERAntiSpyware log.

    ================================================================

    Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    Enter N to exit.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.
     
  7. 2010/10/26
    jabdude84

    jabdude84 Inactive Thread Starter

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4904

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    10/26/2010 8:42:52 PM
    mbam-log-2010-10-26 (20-42-52).txt

    Scan type: Quick scan
    Objects scanned: 157844
    Time elapsed: 5 minute(s), 58 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  8. 2010/10/26
    jabdude84

    jabdude84 Inactive Thread Starter

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 10/26/2010 at 09:53 PM

    Application Version : 4.44.1000

    Core Rules Database Version : 5761
    Trace Rules Database Version: 3573

    Scan type : Complete Scan
    Total Scan Time : 00:46:02

    Memory items scanned : 399
    Memory threats detected : 0
    Registry items scanned : 16198
    Registry threats detected : 4
    File items scanned : 35151
    File threats detected : 284

    Adware.IWinGames
    (x86) HKU\S-1-5-21-3872927468-958290746-4205243385-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8CA5ED52-F3FB-4414-A105-2E3491156990}
    (x86) HKCR\CLSID\{8CA5ED52-F3FB-4414-A105-2E3491156990}

    Adware.Gamevance
    (x86) HKU\S-1-5-21-3872927468-958290746-4205243385-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}
    (x86) HKCR\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}

    Adware.Tracking Cookie
    .ru4.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .trafficmp.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .trafficmp.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .trafficmp.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .questionmarket.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .revsci.net [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .revsci.net [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .revsci.net [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .content.yieldmanager.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .247realmedia.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\dabradfords\AppData\Roaming\Mozilla\Firefox\Profiles\y5pw7b2o.default\cookies.sqlite ]
    cdn4.specificclick.net [ C:\Users\danielle\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\72LPDMH3 ]
    core.insightexpressai.com [ C:\Users\danielle\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\72LPDMH3 ]
    ia.media-imdb.com [ C:\Users\danielle\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\72LPDMH3 ]
    objects.tremormedia.com [ C:\Users\danielle\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\72LPDMH3 ]
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@atdmt[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@advertising[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@interclick[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@casalemedia[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@server.cpmstar[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@247realmedia[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@bs.serving-sys[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@realmedia[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@ad.wsod[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@2o7[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@content.yieldmanager[3].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@oasn04.247realmedia[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@mediaplex[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@serving-sys[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@ad.yieldmanager[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@apmebf[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@fastclick[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@a1.interclick[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\danielle@eaeacom.112.2o7[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@247realmedia[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@mediaplex[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@advertising[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@ads.undertone[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@realmedia[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@revsci[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@atwola[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@pointroll[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@network.realmedia[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@www.burstbeacon[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@ads.addynamix[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@bs.serving-sys[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@ad.wsod[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@burstnet[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@adbrite[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@trafficmp[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@www.burstnet[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@electronicarts.112.2o7[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@ads.bridgetrack[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@oasn04.247realmedia[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@eyewonder[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@questionmarket[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@serving-sys[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@ad.yieldmanager[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@tribalfusion[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@apmebf[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@tacoda[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@fastclick[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@at.atwola[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@statse.webtrendslive[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@burstbeacon[2].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@sales.liveperson[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@ads.pointroll[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@media6degrees[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@atdmt[1].txt
    C:\Users\danielle\AppData\Roaming\Microsoft\Windows\Cookies\Low\danielle@content.yieldmanager[3].txt
     
  9. 2010/10/26
    jabdude84

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Quanta
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: HP Pavilion dv6 Notebook PC
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 247):

    Processes (total 96):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`0a700000 (NTFS)

    PhysicalDrive0 Model Number: TOSHIBAMK2555GSX, Rev: FG002C

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Unknown MBR code
    SHA1: BC6EABF51F00E85E6427C92381380843A3168C8F


    Found non-standard or infected MBR.
    Enter 'Y' and hit ENTER for more options, or 'N' to exit:
     
  10. 2010/10/26
    broni

    Your MBR seems to be infected.

    Please download NTBR by noahdfear and save it to your Desktop.
    File size: 2.44 MB (2,565,432 bytes)

    • Place a blank CD in your CD drive.
    • Double-click the NTBR_CD.exe file and a folder of the same name will appear.
    • Open the folder and double-click the BurnItCD.cmd file. If your CD drive opens, simply close it again.
    • Follow the prompts to burn the CD.
    • Now you will need to set the CD-ROM as the first boot device if it isn't already (if you don't know how to do it, see HERE).
    • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
    • Insert the newly created CD into your infected PC and reboot your computer.
    • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
    • Read the warning and then continue as prompted.
    • You first need to select your keyboard layout - press Enter for English.
    • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
    • On the following screen enter 5 to select Install Standard MBR code.
    • Enter 2 to overwrite the infected MBR Code with the Windows 7 MBR code.
    • When asked to confirm please do so.
    • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
    • Eject the disc and then press ctrl+alt+del to reboot the PC.
    Once rebooted, run MBRCheck again and post its log.
     
  11. 2010/10/31
    broni Moderator Malware Analyst

    Are you still out there?
     
  12. 2010/10/31
    jabdude84 Inactive Thread Starter

    Yes, sorry I haven't responded; I have had some family issues at home. I'm trying to get that last part done this evening.
     
  13. 2010/10/31
    jabdude84 Inactive Thread Starter

    I downloaded the NTBR and it will not allow me to run it; a message pops up saying it installed incorrectly.
     
  14. 2010/10/31
    jabdude84 Inactive Thread Starter

    OK, let me correct that: it downloaded and I have a file on my desktop that says NTBR_CD, but if I click on it or attempt to run it, it does nothing.
     
  15. 2010/10/31
    jabdude84 Inactive Thread Starter

    OK, let me correct myself once again, lol. I figured it out and have it burned to a disc, but when I reboot and attempt to boot from the disc, it allows me to set the language, then it says unable to find CD-ROM and tells me to reboot again.
     
  16. 2010/10/31
    broni Moderator Malware Analyst

    I need to know the exact error message you're getting.
     
  17. 2010/10/31
    jabdude84 Inactive Thread Starter

    Can't open CD driver CDRCACH SHSUCDX can't install
    Error: failure loading; unable to find CD rom drive
     
  18. 2010/10/31
    broni Moderator Malware Analyst

    I see.
    We'll use a different way to do it.

    If you have Vista/7 DVD...

    start with step 2

    If you don't have Vista/7 DVD...

    1. Create Vista/7 Recovery Disc.

    Option 1 :
    Vista: http://www.c4consulting.com.au/soluctions/vista/VISTA SOLUCTIONS.htm
    Windows 7: http://www.guidingtech.com/3816/system-repair-recovery-disc-windows-7/

    Option 2:
    Download Vista Recovery Disc iso image: http://neosmart.net/blog/2008/windows-vista-recovery-disc-download/
    Download Windows 7 Recovery Disc iso image: http://neosmart.net/blog/2009/windows-7-system-repair-discs/
    Burn it to CD, or DVD: http://neosmart.net/wiki/display/G/Burning+ISO+Images+to+a+CD+or+DVD

    2. Boot from created disk.

    Vista users. At first screen click on Repair your computer:

    Windows 7 users. At first screen click on Install now:
    Select your language and click next:
    Click the button for "Use recovery tools":

    The following applies to both, Vista and Windows 7 users.

    This will bring you to a new screen where the repair process will look for all Windows Vista/7 installations on your computer. When done you will be presented with the System Recovery Options dialog box:
    After this, it will present you with a list of options including startup repair, system restore and command prompt:
    Select Command Prompt

    Type in:
    bootrec /FixMbr (<--- there is a "space" after "bootrec ")
    and then press Enter

    Once completed then type Exit, press Enter and restart computer.

    Post fresh MBRCheck log.
     
  19. 2010/10/31
    jabdude84 Inactive Thread Starter

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Quanta
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: HP Pavilion dv6 Notebook PC
    Logical Drives Mask: 0x0000001c

    Kernel Drivers (total 249):

    Processes (total 98):

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`0c800000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000037`0a700000 (NTFS)

    PhysicalDrive0 Model Number: TOSHIBAMK2555GSX, Rev: FG002C

    Size Device Name MBR Status
    --------------------------------------------
    232 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


    Done!
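
The before/after comparison behind the two MBRCheck results in this thread, as an added Python example (not part of the thread and not MBRCheck's code): it hashes the boot-code region of a 512-byte MBR sector dump, looks the hash up in a baseline, and confirms that a boot-code rewrite left the disk signature and partition table untouched. Assumptions: the 440-byte hashed region, the sample sectors and the `KNOWN_GOOD` table are constructed for the demo, so the hashes will not match the SHA1 values MBRCheck printed.

```python
"""Offline MBR sector check: hash the boot code, list partitions, diff two dumps."""
import hashlib
import struct
from dataclasses import dataclass

SECTOR_SIZE = 512
CODE_END = 440                      # bytes 0..439 hold the bootstrap code
TABLE_START = 446                   # four 16-byte partition entries follow
BOOT_SIGNATURE = b"\x55\xaa"        # bytes 510..511


@dataclass(frozen=True)
class Partition:
    slot: int
    active: bool
    type_id: int
    lba_start: int
    sector_count: int


@dataclass(frozen=True)
class Mbr:
    code_sha1: str
    disk_signature: int
    partitions: tuple


def parse_mbr(sector: bytes) -> Mbr:
    """Split one MBR sector into boot-code hash, disk signature and partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for slot in range(4):
        # status, 3 CHS bytes, type, 3 CHS bytes, start LBA, sector count
        status, type_id, lba_start, count = struct.unpack_from(
            "<B3xB3xII", sector, TABLE_START + 16 * slot)
        if type_id != 0:            # type 0 marks an unused slot
            partitions.append(
                Partition(slot, status == 0x80, type_id, lba_start, count))
    (disk_signature,) = struct.unpack_from("<I", sector, CODE_END)
    code_sha1 = hashlib.sha1(sector[:CODE_END]).hexdigest().upper()
    return Mbr(code_sha1, disk_signature, tuple(partitions))


def classify(mbr: Mbr, known_good: dict) -> str:
    """Label the boot code by looking its hash up in an analyst-supplied baseline."""
    return known_good.get(mbr.code_sha1, "unknown MBR code")


def compare(before: Mbr, after: Mbr) -> dict:
    """Report what a boot-code rewrite changed and what it left alone."""
    return {
        "code_changed": before.code_sha1 != after.code_sha1,
        "disk_signature_kept": before.disk_signature == after.disk_signature,
        "partitions_kept": before.partitions == after.partitions,
    }


def build_sample(code: bytes, disk_signature: int, layout) -> bytes:
    """Assemble a constructed sector for the demo (not a real disk image)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(code)] = code
    struct.pack_into("<I", sector, CODE_END, disk_signature)
    for slot, (active, type_id, lba_start, count) in enumerate(layout):
        struct.pack_into("<B3xB3xII", sector, TABLE_START + 16 * slot,
                         0x80 if active else 0x00, type_id, lba_start, count)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


# Constructed sample data. Start offsets are the C: and D: offsets from the
# MBRCheck log; sizes, disk signature and code bytes are made up.
C_LBA = 0x0C800000 // SECTOR_SIZE
D_LBA = 0x370A700000 // SECTOR_SIZE
LAYOUT = [(True, 0x07, C_LBA, D_LBA - C_LBA), (False, 0x07, D_LBA, 26_000_000)]
BEFORE = build_sample(b"constructed unrecognised loader", 0x1234ABCD, LAYOUT)
AFTER = build_sample(b"constructed standard loader", 0x1234ABCD, LAYOUT)
KNOWN_GOOD = {hashlib.sha1(AFTER[:CODE_END]).hexdigest().upper():
              "constructed known-good baseline"}

if __name__ == "__main__":
    before, after = parse_mbr(BEFORE), parse_mbr(AFTER)
    print("before:", before.code_sha1, classify(before, KNOWN_GOOD))
    print("after: ", after.code_sha1, classify(after, KNOWN_GOOD))
    for part in after.partitions:
        print(f"  slot {part.slot}: type 0x{part.type_id:02X} "
              f"start LBA {part.lba_start} active={part.active}")
    print(compare(before, after))
```

On a real system the sector would come from a dump taken from trusted boot media, and the baseline from hashes collected on known-clean installs of the same Windows version.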
     
  20. 2010/10/31
    broni Moderator Malware Analyst

    Good job :)

    Is redirection still there?
    If so, what browser is affected?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  21. 2010/10/31
    jabdude84 Inactive Thread Starter

    OTL Extras logfile created on: 10/31/2010 10:13:22 PM - Run 1
    OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\dabradfords\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 65.00% Memory free
    8.00 Gb Paging File | 6.00 Gb Available in Paging File | 80.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 219.97 Gb Total Space | 123.65 Gb Free Space | 56.21% Space Free | Partition Type: NTFS
    Drive D: | 12.72 Gb Total Space | 2.13 Gb Free Space | 16.72% Space Free | Partition Type: NTFS
    Drive E: | 164.85 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: DABRADFORDS-PC | User Name: dabradfords | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .exe [@ = exefile] -- Reg Error: Key error. File not found
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %* File not found
    cmdfile [open] -- "%1" %* File not found
    comfile [open] -- "%1" %* File not found
    exefile [open] -- "%1" %* File not found
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll ",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %* File not found
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1" File not found
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S File not found
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll ",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1 "
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
    "{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
    "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
    "{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
    "{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
    "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
    "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}" = HP 3D DriveGuard
    "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{A336F8B0-7ADD-48E8-98A2-296040C1EC3F}" = MobileMe Control Panel
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{E5A24F8D-40E1-45CB-B509-81186D795735}" = HP Photosmart C6300 All-In-One Driver Software 13.0 Rel. 4
    "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
    "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
    "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.5
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "LSI Soft Modem" = LSI HDA Modem
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Shop for HP Supplies" = Shop for HP Supplies
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{10085090-E71D-4A54-9E32-44AB37A4CCC6}" = AutoSave Essentials
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
    "{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
    "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{2D4E1F8A-901B-4BBD-B311-B6E56059066E}" = Microsoft Live Search Toolbar
    "{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
    "{4313E16C-811B-469F-8815-6EB98085F8B2}" = SlingBoxWatchYourTVAnyWhere
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
    "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
    "{50C078F9-CBA1-4AD9-8C3B-BC5E1A59B44B}" = MyInvoices & Estimates Deluxe
    "{543BDDCD-E230-4F37-881B-4900B833BBD7}" = C6300
    "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
    "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
    "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
    "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
    "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
    "{7BDD6642-76D6-49F7-9157-6100E5C75B97}" = Vz In Home Agent
    "{82A213BD-B6AA-4281-A2D3-59D51893CC56}" = HP MediaSmart Software Notebook Demo
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8CE9B20A-6C15-48A3-99A5-02C9A3E389EF}" = PS_AIO_04_C6300_Software_Min
    "{8f5286b0-f659-4f76-8c09-f0c9196b6474}" = Nero 9 Lite
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{9055B55A-8C44-4895-9E9A-3389683E0E89}" = Tango
    "{90F6051D-A69F-4159-9203-7E20430E1056}" = HP MediaSmart SlingPlayer
    "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
    "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
    "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
    "{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
    "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
    "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B51605BF-6326-4553-AE96-6D7F1813D5F5}" = HP User Guides 0154
    "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
    "{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant
    "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Activate Norton Online Backup
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
    "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
    "{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
    "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
    "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
    "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
    "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
    "{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
    "{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
    "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
    "{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
    "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
    "{F54E5D65-CB60-4A31-A71B-BCFB0FA0076D}" = Verizon Download Manager
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "Accounts and Budget Freeware V6.0_is1" = Accounts and Budget Freeware V6.0
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AviSynth" = AviSynth 2.5
    "BFG-Artist Colony" = Artist Colony
    "BFG-Bee Garden" = Bee Garden
    "BFGC" = Big Fish Games: Game Manager
    "BFG-Cake Mania - Lights, Camera, Action" = Cake Mania: Lights, Camera, Action!
    "BFG-Chocolatier" = Chocolatier
    "BFG-Farm Frenzy 3 - American Pie" = Farm Frenzy 3: American Pie
    "BFG-Fiona Finch and the Finest Flowers" = Fiona Finch and the Finest Flowers
    "BFG-Great Adventures - Lost in Mountains" = Great Adventures: Lost in Mountains
    "BFG-Jessica's Cupcake Cafe" = Jessica's Cupcake Cafe
    "BFG-Life Quest" = Life Quest ™
    "BFG-Mall-a-Palooza" = Mall-a-Palooza
    "BFG-Slingo Mystery - Who's Gold" = Slingo Mystery: Who's Gold
    "BFG-Spa Mania 2" = Spa Mania 2
    "BFG-Wheel of Fortune 2" = Wheel of Fortune 2
    "BitTornado" = BitTornado 0.3.17
    "com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
    "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
    "DVD Decrypter" = DVD Decrypter (Remove Only)
    "DVD Shrink_is1" = DVD Shrink 3.2
    "EA Download Manager" = EA Download Manager
    "Frontline Registry Cleaner1.25" = Frontline Registry Cleaner
    "Google Chrome" = Google Chrome
    "Homepage Protection" = Homepage Protection
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
    "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
    "InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}" = HP MediaSmart Internet TV
    "iWinArcade" = iWin Games (remove only)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
    "N360" = Norton 360
    "P2P_Energy Toolbar" = P2P_Energy Toolbar
    "Restaurant Empire" = Restaurant Empire (remove only)
    "Slingo Mystery" = Slingo Mystery (remove only)
    "Videora iPod Converter" = Videora iPod Converter 5.04
    "WildTangent hp Master Uninstall" = HP Games
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinMX Music" = WinMX Music
    "YouTube Downloader App" = YouTube Downloader App 2.03
    "Zynga Toolbar" = Zynga Toolbar

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Sansa Updater" = Sansa Updater
    "UnityWebPlayer" = Unity Web Player

    ========== Last 10 Event Log Errors ==========

    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

    < End of report >
     
