Jump to content

seabeetodd

Honorary Members
 View Profile  See their activity

  • Posts

    60

  • Joined

  • Last visited

 Content Type 

Everything posted by seabeetodd

  1. seabeetodd
    should I use a third party program to uninstall so it gets everything?
  2. seabeetodd
    I think I got everything. There were a couple more lines that had incredibar in them and I just went ahead and deleted them. Would it be ok if I just uninstalled firefox? I use Chrome anyway.
  3. seabeetodd
    RogueKiller V8.0.2 [08/31/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Todd [Admin rights] Mode : Scan -- Date : 09/06/2012 00:11:19 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 10 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : MusicManager ("C:\Users\Todd\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-1413658493-208379941-2510509854-1001[...]\Run : MusicManager ("C:\Users\Todd\AppData\Local\Programs\Google\MusicManager\MusicManager.exe") -> FOUND [TASK][sUSP PATH] RunAsStdUser Task : "C:\Users\Todd\AppData\Local\cheerychickenSA\bin\1.0.8.0\CheeryChickenSA.exe" -> FOUND [DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{BCF4865F-23B7-4460-81D4-294C88685033} : NameServer (216.176.95.129,216.176.95.161) -> FOUND [DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{BCF4865F-23B7-4460-81D4-294C88685033} : NameServer (216.176.95.129,216.176.95.161) -> FOUND [HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: Hitachi HDT721010SLA360 +++++ --- User --- [MBR] 4e429ab2b3be844df02191337f2bab0a [bSP] c6c33eca83b53313d44db8aa65917135 : Windows Vista/7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 942525 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1930498048 | Size: 11242 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: Maxtor 3200 USB Device +++++ --- User --- [MBR] 753957cf0bfe82d02b91cb4fca2411c7 [bSP] 2871bdccde8cdce0919fe98d2a30f585 : MBR Code unknown Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo User = LL1 ... OK! Error reading LL2 MBR! +++++ PhysicalDrive2: HP Photosmart Prem USB Device +++++ Error reading User MBR! User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt
  4. seabeetodd
    hello, I got stuck with a toolbar and a search tab I can't get rid of. Thanks DDS.txt Attach.txt
  5. seabeetodd
    Yes, I'm sorry. When you said everything seemed fine, I assumed you didn't need me to do anything else.
  6. seabeetodd
    I guess not. Why were some files showing up as password protected during the virus scan? I don't remember doing that.
  7. seabeetodd
    I ran kaspersky again. There is no detected threats and the save function is grayed out.
  8. seabeetodd
    <p> </p> <div>ESETSmartInstaller@High as CAB hook log:</div> <div>OnlineScanner64.ocx - registred OK</div> <div>OnlineScanner.ocx - registred OK</div> <div># version=7</div> <div># iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)</div> <div># OnlineScanner.ocx=1.0.0.6583</div> <div># api_version=3.0.2</div> <div># EOSSerial=92e70fd392fe9d48986c28909bcf5372</div> <div># end=finished</div> <div># remove_checked=false</div> <div># archives_checked=true</div> <div># unwanted_checked=true</div> <div># unsafe_checked=true</div> <div># antistealth_checked=true</div> <div># utc_time=2012-06-06 04:41:20</div> <div># local_time=2012-06-06 11:41:20 (-0600, Central Daylight Time)</div> <div># country="United States"</div> <div># lang=1033</div> <div># osver=6.1.7601 NT Service Pack 1</div> <div># compatibility_mode=512 16777215 100 0 0 0 0 0</div> <div># compatibility_mode=1024 16777215 100 0 21028360 21028360 0 0</div> <div># compatibility_mode=5893 16776574 100 94 31563083 90539597 0 0</div> <div># compatibility_mode=8192 67108863 100 0 0 0 0 0</div> <div># scanned=232943</div> <div># found=4</div> <div># cleaned=0</div> <div># scan_time=4732</div> <div>C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Adware.Yontoo.B application (unable to clean)<span class="Apple-tab-span" style="white-space:pre"> </span>00000000000000000000000000000000<span class="Apple-tab-span" style="white-space:pre"> </span>I</div> <div>C:\Users\All Users\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll<span class="Apple-tab-span" style="white-space:pre"> </span>a variant of Win32/Adware.Yontoo.B application (unable to clean)<span class="Apple-tab-span" style="white-space:pre"> </span>00000000000000000000000000000000<span class="Apple-tab-span" style="white-space:pre"> </span>I</div> <div>C:\_OTL\MovedFiles\05312012_130808\C_Program Files (x86)\WhiteSmokeTranslator\WSRegistrationDictMode.exe<span class="Apple-tab-span" style="white-space:pre"> </span>probably a variant of Win32/WhiteSmoke application (unable to clean)<span class="Apple-tab-span" style="white-space:pre"> </span>00000000000000000000000000000000<span class="Apple-tab-span" style="white-space:pre"> </span>I</div> <div>C:\_OTL\MovedFiles\05312012_130808\C_Program Files (x86)\WhiteSmokeTranslator\html\english\dictClientDic\index.html<span class="Apple-tab-span" style="white-space:pre"> </span>HTML/WhiteSmoke application (unable to clean)<span class="Apple-tab-span" style="white-space:pre"> </span>00000000000000000000000000000000<span class="Apple-tab-span" style="white-space:pre"> </span>I</div> <div> </div> <div> </div> <div> </div> <div> </div> <div>the Kaspersky wasn't finished running when I left, and when I got back the window was closed (probably someone in my family) and I can't find any log files anywhere. Would you like me to run it again? I did notice that it encountered a few files that it said were password protected and I thought that was strange. I noticed some were .rar files. Sorry for the mixup.</div> <div> </div>
  9. seabeetodd
    Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.20.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Todd :: TODD-PC [administrator] 6/20/2012 11:34:52 AM mbam-log-2012-06-20 (11-34-52).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 219677 Time elapsed: 2 minute(s), 2 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) I know it found something during the scan, i went back and checked and couldn't find anything.
  10. seabeetodd
    My son tried downloading a bunch of call of duty hacks. I ran Malwarebytes anti-malware and it found and quarantined an item, but I couldn't find it in the vault afterwards. I just want to make sure there is nothing else. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 Run by Todd at 11:49:30 on 2012-06-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.6768 [GMT -5:00] . AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\WUDFHost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Windows\SysWOW64\schtasks.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\taskeng.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Windows\ehome\ehRecvr.exe C:\Windows\ehome\mcGlidHost.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Todd\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [Family Tree Builder Update] C:\Users\Todd\MyHeritage\Bin\FTBCheckUpdates.exe StartupFolder: C:\Users\Todd\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{BCF4865F-23B7-4460-81D4-294C88685033} : NameServer = 216.176.95.129,216.176.95.161 TCP: Interfaces\{F57E66B0-60C0-49C0-B8B6-44854D1F37EA} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{F57E66B0-60C0-49C0-B8B6-44854D1F37EA}\D496C6C6562713 : DhcpNameServer = 97.64.168.12 97.64.183.165 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll BHO-X64: AVG Do Not Track - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [Family Tree Builder Update] C:\Users\Todd\MyHeritage\Bin\FTBCheckUpdates.exe . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Todd\AppData\Roaming\Mozilla\Firefox\Profiles\14k63ll8.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: browser.search.selectedEngine - . ---- FIREFOX POLICIES ---- FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: security.csp.enable - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6R8ujcUcmh FF - user.js: extensions.incredibar_i.upn2n - 92824439394731701 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10658 FF - user.js: extensions.incredibar_i.ppd - FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8ujcUcmh&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 780e0ab90000000000000626824725b7 FF - user.js: extensions.incredibar_i.instlDay - 15488 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1414:49:36 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-24 13336] R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-1-27 226624] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-5-30 3048136] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?] R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys --> C:\Windows\system32\drivers\HCW85BDA.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-4-30 5106744] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-30 257696] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-06-20 16:08:48 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll 2012-06-20 16:08:48 839096 ----a-w- C:\Windows\System32\deployJava1.dll 2012-06-19 14:51:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-19 14:50:56 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-19 14:50:42 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-19 14:50:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-19 14:42:44 -------- d-----w- C:\Users\Todd\AppData\Roaming\MyHeritage 2012-06-19 14:42:44 -------- d-----w- C:\ProgramData\MyHeritage 2012-06-19 14:42:20 454656 ----a-w- C:\Windows\SysWow64\PaintX.dll 2012-06-19 14:42:20 372736 ----a-w- C:\Windows\SysWow64\ijl15.dll 2012-06-19 14:42:20 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL 2012-06-19 14:42:19 608448 ----a-w- C:\Windows\SysWow64\comctl32.ocx 2012-06-19 14:42:19 137000 ----a-w- C:\Windows\SysWow64\msmapi32.ocx 2012-06-19 14:42:19 -------- d-----w- C:\Users\Todd\AppData\Roaming\The Complete Genealogy Reporter - FTB 2012-06-19 14:42:10 -------- d-----w- C:\Users\Todd\MyHeritage 2012-06-08 16:51:52 -------- d-----w- C:\$RECYCLE.BIN 2012-06-06 15:18:56 -------- d-----w- C:\Program Files (x86)\ESET 2012-06-05 18:11:48 -------- d-----w- C:\Program Files (x86)\Oracle 2012-06-05 18:11:18 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-06-05 17:54:04 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2012-05-30 18:59:30 4966600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll 2012-05-30 17:02:03 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-05-30 16:37:55 388096 ----a-r- C:\Users\Todd\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-30 16:37:55 -------- d-----w- C:\Program Files (x86)\Trend Micro 2012-05-30 16:08:07 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-28 19:49:03 -------- d-----w- C:\Program Files (x86)\1ClickDownload 2012-05-26 04:00:43 -------- d-----w- C:\ProgramData\blekko toolbars 2012-05-26 04:00:35 -------- d-----w- C:\Users\Todd\AppData\Local\blekkotb_031 2012-05-26 04:00:34 -------- d-----w- C:\ProgramData\Tarma Installer 2012-05-26 04:00:34 -------- d-----w- C:\ProgramData\Anti-phishing Domain Advisor . ==================== Find3M ==================== . 2012-05-30 17:02:08 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll 2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 15:12:15 644496 ----a-w- C:\Users\Todd\EBOOT.BIN 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-20 03:45:41 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-04-20 03:16:44 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-04-19 09:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-04-04 23:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-04-04 20:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys . ============= FINISH: 11:49:48.65 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 3/1/2010 1:00:41 PM System Uptime: 6/20/2012 2:06:36 AM (9 hours ago) . Motherboard: MSI | | IONA Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 920 GiB total, 790.702 GiB free. D: is FIXED (NTFS) - 11 GiB total, 1.585 GiB free. E: is CDROM (CDFS) F: is Removable G: is Removable H: is Removable I: is Removable K: is Removable N: is FIXED (NTFS) - 298 GiB total, 195.667 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart Prem C410 series Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Photosmart Prem C410 series PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . ==== System Restore Points =================== . RP271: 6/11/2012 11:11:42 AM - Scheduled Checkpoint RP272: 6/14/2012 3:00:28 AM - Windows Update RP273: 6/16/2012 1:20:10 AM - HPSF Restore Point RP274: 6/19/2012 9:50:25 AM - Windows Update RP275: 6/20/2012 11:08:23 AM - Installed Java 7 Update 5 (64-bit) RP276: 6/20/2012 11:10:48 AM - Removed Java 7 Update 4 . ==== Installed Programs ====================== . Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.3) Adobe Shockwave Player 11.5 AnswerWorks 5.0 English Runtime Apple Application Support Apple Software Update BufferChm C410 Command & Conquer™ Red Alert™ 3 Compatibility Pack for the 2007 Office system CyberLink DVD Suite Deluxe D3DX10 Destinations DeviceDiscovery DirectX for Managed Code Update (Summer 2004) DocProc DVD Menu Pack for HP MediaSmart Video ESET Online Scanner v3 Fax ffdshow [rev 2527] [2008-12-19] Google Chrome Google Talk Plugin GPBaseService2 Hewlett-Packard ACLM.NET v1.1.1.0 HiJackThis HP Advisor HP Customer Experience Enhancements HP Games HP MediaSmart Demo HP MediaSmart DVD HP MediaSmart Music/Photo/Video HP MediaSmart/TouchSmart Netflix HP Odometer HP Photo Creations HP Remote Solution HP Setup HP Support Assistant HP Support Information HP Update HPAppStudio HPPhotoGadget HPProductAssistant HPSSupply Hulu Desktop Intel® Rapid Storage Technology Internet TV for Windows Media Center JavaFX 2.1.0 Junk Mail filter update LabelPrint LG USB Modem driver LightScribe System Software Malwarebytes Anti-Malware version 1.61.0.1400 MarketResearch Microsoft Office PowerPoint Viewer 2007 (English) Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Works Microsoft WSE 3.0 Runtime Microsoft® Winter Fun Pack 2004 for Windows® XP MotoHelper 2.0.45 Driver 5.0.0 MotoHelper MergeModules Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 9.0.1 (x86 en-US) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyHeritage Family Tree Builder Netflix in Windows Media Center NVIDIA PhysX OF Dragon Rising OpenOffice.org 3.2 Origin PictureMover Power2Go PowerDirector PS_AIO_07_C410_SW_Min Quicken 2010 QuickTransfer Realtek High Definition Audio Driver Recovery Manager Revo Uninstaller 1.94 RLPrintPlugin Scan Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype Click to Call Skype™ 5.9 SmartWebPrinting SolutionCenter SpeechRedist Status Steam The Sims Medieval The Sims™ 3 The Sims™ 3 Pets Toolbox TrayApp Unified Remote Unreal Tournament 3 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Installer for WildTangent Games App Verizon V CAST Media Manager Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables WebReg WildTangent Games App (HP Games) Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 beta 2 (32-bit) WolfQuest Zoo Tycoon 2 - Ultimate Collection . ==== Event Viewer Messages From Past Week ======== . 6/19/2012 12:29:57 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.